I have Openfire connecting to AD through LDAP. In the admin console it lists all of my users in the User tab, but when I go over to the groups tab, they are all empty. Even the Domain Users group. I’m trying to have Spark autopopulate the contact list with a Spark security group I have set up, which contains all users. Any ideas?
I’ve tried restarting the server and the client, no help there.
Sounds like your ldap query isn’t right. ldap.groupSearchFilter is the property you need to set to group the users.
If I set the group filter to (objectClass=group), and hit test settings, it will list all the groups that are supposed to be there, even with the correct number of users in the group. But the groups are still empty when I look at the groups in the admin console.
You need more than just (objectClass=group). As an example, here’s how I have mine set:
(&(objectClass=group)(|(CN=IT)(CN=Ben)(CN=Brattle)(CN=Middlebury)(CN=Montana)(CN =Morse)(CN=Port)(CN=Cand)))
The containers (CN) listed are my groups, based on location. This is telling Openifre to group based on these groups I have set up in AD. Anyone I have put in the “IT” group in AD will appear in the “IT” group here.
Correct me if I’m wrong, but I think just using (objectClass=group) will not work because nested groups are not supported. As a result, it just decides to use one “group” which will only have direct members in it.
I ended up figuring this out at the same second that you posted. I created a security group called Spark, added all the users to it, and used (&(objectClass=group)(CN=Spark)). Of course…that’s also one of the things I tried before and it worked after a reinstall…