AD user not being populated in roster

Openfire Openfire Support
1

Hi,

I wonder if anyone can help me with a little problem I have…

I’ve added a user to AD and it autheticates with LDAP. I have an Openfire server (3.3.2) which successfully locates and populates the roster from AD except one user!! I’m getting nothing from the logs except debugging information which might be quite helpful in diagnosing the issue. Here is the debug info:-

2008.01.25 16:00:12 Creating a DirContext in LdapManager.getContext()…

2008.01.25 16:00:12 Created hashtable with context values, attempting to create context…

2008.01.25 16:00:12 … context created successfully, returning.

2008.01.25 16:00:12 Creating a DirContext in LdapManager.getContext()…

2008.01.25 16:00:12 Created hashtable with context values, attempting to create context…

2008.01.25 16:00:12 … context created successfully, returning.

2008.01.25 16:00:12 Trying to find a user’s DN based on their username. sAMAccountName: davisond, Base DN: DC=upco,DC=co,DC=uk…

2008.01.25 16:00:12 Creating a DirContext in LdapManager.getContext()…

2008.01.25 16:00:12 Created hashtable with context values, attempting to create context…

2008.01.25 16:00:12 … context created successfully, returning.

2008.01.25 16:00:12 Starting LDAP search…

2008.01.25 16:00:12 … search finished

2008.01.25 16:00:12 Creating a DirContext in LdapManager.getContext()…

2008.01.25 16:00:12 Created hashtable with context values, attempting to create context…

2008.01.25 16:00:12 … context created successfully, returning.

2008.01.25 16:00:14 Trying to find a user’s DN based on their username. sAMAccountName: griffithso, Base DN: DC=upco,DC=co,DC=uk…

2008.01.25 16:00:14 Creating a DirContext in LdapManager.getContext()…

2008.01.25 16:00:14 Created hashtable with context values, attempting to create context…

2008.01.25 16:00:14 … context created successfully, returning.

2008.01.25 16:00:14 Starting LDAP search…

2008.01.25 16:00:14 … search finished

2008.01.25 16:00:14 User DN based on username ‘griffithso’ not found.

2008.01.25 16:00:14 Exception thrown when searching for userDN based on username ‘griffithso’

org.jivesoftware.openfire.user.UserNotFoundException: Username griffithso not found

at org.jivesoftware.openfire.ldap.LdapManager.findUserDN(LdapManager.java:626)

at org.jivesoftware.openfire.ldap.LdapManager.findUserDN(LdapManager.java:554)

at org.jivesoftware.openfire.ldap.LdapAuthProvider.authenticate(LdapAuthProvider.j ava:95)

at org.jivesoftware.openfire.auth.AuthFactory.authenticate(AuthFactory.java:149)

at org.jivesoftware.openfire.net.SASLAuthentication.doPlainAuthentication(SASLAuth entication.java:444)

at org.jivesoftware.openfire.net.SASLAuthentication.handle(SASLAuthentication.java :202)

at org.jivesoftware.openfire.net.StanzaHandler.process(StanzaHandler.java:141)

at org.jivesoftware.openfire.nio.ConnectionHandler.messageReceived(ConnectionHandl er.java:132)

at org.apache.mina.common.support.AbstractIoFilterChain$TailFilter.messageReceived (AbstractIoFilterChain.java:703)

at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:362)

at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:54)

at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:800)

at org.apache.mina.filter.codec.support.SimpleProtocolDecoderOutput.flush(SimplePr otocolDecoderOutput.java:62)

at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecF ilter.java:200)

at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:362)

at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:54)

at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:800)

at org.apache.mina.filter.executor.ExecutorFilter.processEvent(ExecutorFilter.java :266)

at org.apache.mina.filter.executor.ExecutorFilter$ProcessEventsRunnable.run(Execut orFilter.java:326)

at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)

at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)

at java.lang.Thread.run(Unknown Source)

The user is able to login to windows with this profile and also uses other facilities that rely on LDAP authentication, so the problem points to the server, but I’ve been tearing out my hair so I thought I’d offer it up to anyone who might’ve experienced and/or resolved this issue.

Thanks in advance for any help offered.

Best Regards,

Chris

2

Please find attached the debug log in a text file.

Best Regards,

Chris

3

Anyone out there? Never waited so long for response to a thread!

Any help will be gratefully received.

4

I am responding more so you have one . Did you clear your roster cache on the server? Did you clear your LDAP cache? Are you using any user filters with your LDAP config on the openfire server that the user may be excluded from? Just a few Ideas. This has been reported by several other users as well. You could try upgrading you Openfire version. Also how many accounts are we talking about total, including the one not working?

5

Probably noone has a clue

I read it and I don’t. I can only come up with some basic questions:

Is this user in the same OU as the others that are able to login?

I would not suspect the server to cause the error directly as the “user not found” is an error your LDAP reports, i guess.

Have you applied a filter? If yes, post it. It’s probably not matching this user (for whatever reason) but everyone else, so Openfire receives a “not found” with the filter while Windows is able to login as it doesn’t care about this filter.

6

I am having a similar problem. I successfully added all of my users through LDAP, the users and groups show up on the server, but when I log into spark I get no users. I cleared the Roster Cache, but still nothing. Is there a setting I am missing? I am a IT PRO, but this is my first time configuring OpenFire. Using 3.4.5.

7

By default no users will appear in your Roster. you would need to share a group in Openfire for an autopoplation of users to your roster. The subscription plugin simplifies the process of adding users to a roster, as it can be configure to Accept all subcription requests.