I have installed and configured to connect to my LDAP server (Windows Server 2003/AD). When I was looking through the LDAP settings in the OpenFire interface, low and behold, I see my Admin password stored in plain text for everyone to see. Granted everyone that has admin access to the OpenFire interface, but still.
Any thoughts or plans to perhaps conceal or disguise the password with asterisks or something. It would be greatly appreciated. I am extremely impressed with the program overall and completely love and support opensource. Keep up the great work.
Use a regular user. It doesn’t have to be an administrator.
This has been reported a long time ago and is planned to be fixed in the next version of the server.
http://www.igniterealtime.org/issues/browse/JM-1456
I have tried a regular user, but it doesn’t seem to work when I do that. If I use an admin account, then it works.
It will work with a regular domain user that has read rights to LDAP.
This may be a dumb question, but where do I assign those permissions?
For AD I use the Active Directory Users and Computers MMC snap-in.
Should work out of the box if you are using Active Directory, regular user accounts have read rights unless someone has removed or modified the rights for “Authenticated Users” from the security settings on the organizational unit.
To my knowledge, I have not made any changes to the default AD settings. However, a regular user definitely does not work. If I make the user a member of the Account Operators group, then it works. If I make the user an Administrator, then it works. A regular user that is only a member of the Domain Users group does not work. When I have a regular user configured as the LDAP Admin, no one can logon using Spark and I am no longer able to logon to the admin console.