Active Directory

Jason_Mayfield · December 28, 2007, 8:34pm

I’m in the process of setting up the ldap connection with Active Directory. I went through all the prompts and all the test worked fine. I then added an admin account and tested that with my AD username and password and that worked. However now I’m trying to login into the admin console but I can’t get logged in. I keep getting this message…

Login failed: make sure your username and password are correct and that you’re an admin or moderator.

|

Here are the results when I tested my username as an admin account so it seems like the ldap is configured properly.

Test: Administrator Settings

Status: Authentication Successful!

Specified username and password are valid. Close this test panel to continue.

Jason_Mayfield · December 28, 2007, 9:07pm

With more testing, I can log into the Spark client with my AD accounts. The only thing I can’t do is login into the Admin Console with the AD account that I specified in the setup.

NO_MESSAGES_OR_FRIEN · December 28, 2007, 9:25pm

In the openfire program folder there is another folder cal Conf. There is a file here called openfire.xml. Is the admin name list here? Also is it list as just the username (i.e. <authorizedUsernames>johnd,janed</authorizedUsernames>)?

Jason_Mayfield · December 28, 2007, 9:27pm

Yes it is listed here as the just the username.

NO_MESSAGES_OR_FRIEN · December 28, 2007, 9:31pm

Are you using any user filters that would exclude that account from access the site? What OS is the server running on?

Jason_Mayfield · December 28, 2007, 9:33pm

No I didn’t set any filters and I’ve tried multiple AD accounts. It’s on Windows server 2003 Standard. I also had the same problem when I hosted it on my XP machine.

Jason_Mayfield · December 28, 2007, 9:34pm

Also I’m using the same account to login into Spark that I’m trying to use to login to the admin console. It is working fine logging into Spark.

NO_MESSAGES_OR_FRIEN · December 28, 2007, 9:45pm

What did you name the openfire server when configuring the software? Is it the same as the servers Fully Qualified Domain Name? That is important. If it is not I would re-install. Name the server what ever the full name is in your AD DNS server.

Jason_Mayfield · December 28, 2007, 9:49pm

I originally just put the name of the server. Does it make sense to just put in the IP address of the server?

NO_MESSAGES_OR_FRIEN · December 28, 2007, 9:51pm

You really should use the FQDN, as advanced features like SSO will require it to work. It may also be the cause of your current woes.

NO_MESSAGES_OR_FRIEN · December 28, 2007, 9:54pm

my guess is http://chat:9090 will not resolve via DNS. Try http://localhost:9090.

Jason_Mayfield · December 28, 2007, 10:09pm

I completely reinstalled and went through the setup again but that didn’t work. I’m still having the same problems. This seems really weird since I can log into Shark with AD account and all of the testing of the LDAP connectivity worked great when I went through the setup.

Jason_Mayfield · December 31, 2007, 5:00pm

FYI… I got this working. Turns out the username is case sensitive and I was using the wrong case.