Hi,
I thought I would post my findings as I had seen a number of different posts around this topic.
The criteria for this setup was:
-
Only users in a specific user group would be visible in the admin console and able to access the server using a jabber client.
-
Only groups starting with a specific string would be visible in the admin console and the jabber client.
-
Have a seperate OU to hold all of these groups.
Examples:
-
All jabber users must belong to Jabber_Users to logon to the server or be visible.
-
Only groups starting with Jabber_ are visible in the admin console and once shared the Jabber client.
The User Search Filter used:
<searchFilter>(objectClass=organizationalPerson)(memberOf=cn=Jabber_Users, ou=Groups,ou=Jabber,dc=Jabber,dc=local)</searchFilter>
The Group Search Filter used:
<groupSearchFilter>(objectClass=group)(CN=Jabber_*)</groupSearchFilter& gt;
NOTE:
-
Any account to be configure as admin must match the user filter above i.e The account must belong to Jabber_User
-
The user filter must contain the full LDAP path to the user group, the group filter does not need this.
This was tested on virtual machines (vmware workstation):
Domain Controller (Server 2003 SP)
jabber Server (Server 2003 SP2) Openfire 3.5.2
Jabber Client (XP SP2) Spark 2.5.8