I am currently evaluating the latest build of Openfire. We are still using 3.6.1 with “local” users in production, manually configured within Openfire. I would like to integrate the new setup with the Active Directory, and this seems to be working fine for users, although I can’t get any groups imported. After taking a close look at the settings, it doesn’t surprise me. Our Active Directory is constructed something like this (these are example names):
Obviously, I set the baseDN to OU=AccountsOU,DC=domain,DC=name. Because the OU containing the groups does not reside within this OU no groups can be imported by the server. I can’t make much of a business case if it means restructuring the entire AD and a bunch of application servers connected to it. Is there any way to work around this? Can I somehow specify a seperate DN for the groups?
very speedy reply indeed! Yes, that would work, but I would need to apply some sort of filter. As I can’t filter by OU (I assume the same rules apply as with a standard AD query?), I would need to set some custom attribute for the intended users. As I’ll create new groups for the XMPP setup, I can filter them easily, so that’s not a problem.
Am I overlooking some simple solution here (without modifying the existing accounts)?