Active Directory user groups

Hello, I am trying to set up OpenFire with an LDAP connection for user authentication. I created a group called “IMUsers” within the Users organizational unit. I set the BaseDN to cn=IMUsers,cn=Users,dc=DOMAIN,dc=COM (where DOMAIN and COM are replaced with my domain elements). The test succeeds. On the next page, the only time I can get anything to display in test is if I change objectClass attribute to “group” and in that case it shows IMUsers. I can’t seem to get the users that are members of IMUsers to display. Am I doing something incorrectly? I’m used to developing in .NET and it’s extremely easy to enumerate the groups and org units.



I figured it out. In case anyone else is having the problem, this is how I solved it:

First, this was the org structure:



User1 (user)

User2 (user)

User3 (user)

IMUsers (group)

I added User1 and User3 to the IMUsers group

These are the settings I used:

BaseDN: cn=Users,dc=DOMAIN,dc=LOCAL

User Filter: I added “&(memberOf=CN=IMUsers,OU=Users,DC=DOMAIN,DC=LOCAL)” to the default

Now, only users 1 and 3 are listed.