Hello all. This is my first time setting up Openfire and while it looks great, there is one problem I have ran into. I’d like to setup a small IM server for communication between teachers in my school. My problem is that when the server scans AD for users, it gives me every account on the server - including teachers, students and computers.
I would like the server to only be able to be accessed by teachers and staff…no one else. I’ve been trying to setup the base DN to point toward the container with just the staff members account, however after I set it up, the server disconnects me from the webadmin and won’t allow me to log back in until I change the base DN back to the root.
I tried searching, but couldn’t find anything. Any help would be greatly appreciated. Thanks
It sounds as if your not in the base DN you are specifying. If you are then I would presume you are entering the base DN path incorrectly. If you are adjusting this via the admin gui, does it pass the test of the LDAP settings?
Thanks for the fast reply. Yes, it does pass the test, but right after it kicks me out and won’t let me log back in until I edit the openfire.xml file and change the base DN back.
Essentially, I put this in the baseDN text box - cn=school staff,dc=domain,dc=local - with this setup, it passes LDAP tests, but kicks me out. I have to remove the cn=school staff to get back in.
Just as a side thought, is it possible to have the server look at more than one container within AD for users? I would think this would aleviate my problems. Just trying to think outside the box. Thanks again.
What kind of server is the LDAP server? Is it AD? If it is this is how I targeted a Particular OU: OU=accounts,DC=ad,DC=domain,DC=com
You can target multiple containers, sort of, by using the top of the domain structure, like you have now. Then create filters to exclude the unwanted accounts.
I thought about the filters but wasn’t sure how to go about using them. I’ll do a search to research it, but if you could possibly point me in the right direction, that would be great.
The other problem you may be having is that you have spaces in your OU names. That is technically not so good. Also if you notice I did not use CN= I used OU=. As for Filters I have no real experience with this as I do not need them. I actually restructed my tree to meet my needs.