Active Directory only works with OU

I have been banging my head on the wall for the last couple of hours trying to figure out why the AD setup wasn’t working. Step 1 works fine but step 2 was failing. When I created an OU for myself instead of the default Users CN, and used that in step 2 (user mapping), it worked fine. Is this expected behavior? A bug? Something odd with my AD setup?

What is your baseDN set to in Openfire?

In your openfire.xml file it's the tag

Base DN: DC=“domain”,DC=“corp”

I guess what I am really after is a search filter for the Users CN.

The filters will most likely not work with the default CN folder. AD LDAP does queries based on OUs.

Is there any hackish way to get around this? What would be the preferred solution?

No hackish way around. You should be organizing your AD tree into OUs. It provides better granularity for management and application of group policies. Sample structure with Openfire LDAP in mind:

ADUC.jpg