AD groups retrieved as SID

Juan_Carlos_Camargo · May 11, 2010, 6:41am

Hi,

I’ve noticed that my 2003 Active Directory groups are retreived as SID instead of group name. The AD connection works fine for user authentication and the ldap group config in Openfire has been filled with defaults. But if I list the groups in the administration console I only get a list of exactly 1000 groups , all sids, with 0 members and 0 administrators. However if I use the search field and query any group name , let’s say, EPR_SISTEMAS, then the group is retrieved correctly with its name along with the number of members. There’s an older, unanswered post with this same issue originated as I could read from a server update. I’ve been updating the product and never noticed this , well, maybe because we dont use group authentication here. But now we’re planning to enforce security and that has become an urgent need.

Any ideas?

Regards!

Milan_Enev · May 11, 2010, 10:55am

juankar wrote:

… However if I use the search field and query any group name , let’s say, EPR_SISTEMAS, then the group is retrieved correctly with its name along with the number of members…

Any ideas?

Regards!

Well, why dont You use * as grop name filter?

If you are hitting 1k limit please taka a look here.

Message was edited by: Milan Enev

Juan_Carlos_Camargo · May 11, 2010, 11:16am

I never needed group authentication , or at least not the kind I could get out of the AD. So I just kept the default config as it was.

Anyway, your answer solved my problem. And best of all , made my day

Thanks a lot!!