powered by Jive Software

Authentication with anonymous LDAP access and local passwords


I understand how to set up openfire so that only users listed in a LDAP server can register for IM. However, in my case the LDAP server is open and only provides anonymous access so there is no point in attempting authorization through it.

My question is then, is it possible to restrict registration to users listed in a LDAP server, but to allow them to choose their own password (which would be stored in openfire’'s local database)? How?

Thank you


I guess that the default LDAP provider does not allow this and that you are the only one which would like such an option. It may be possible to write another LDAP provider to do this but I assume that no one will do this.


Actually, I’'m interested in this same thing. I just want the LDAP sync to create the accounts, but allow me to use a default password for all my users. Otherwise, every time a user changes their AD passwords, they have to go into their IM client and change the password there too. That will cause too many problems, especially with 200 employees. Any ideas?

A better solution for the AD environment is to configure SSO. Spark uses the one used to log into the computer. So if the password changes it does not matter. Some of my previous questions deal with configuring SSO and the resolutions.