Auto populate user group in Spark/SparkWeb

I don't know how to describe my question, but I can describe what I want in my Spark.

I just installed Openfire and SparkWeb on my Ubuntu-based server.

SparkWeb is working just fine. Just now I installed Spark for Windows and it is also working just fine.

However, there is one thing that I would like SparkWeb and Spark to show.

In my AD, the users are registered according to their department.

Since I am using LDAP authentication, I want SparkWeb and Spark to populate the users based on their departmental group.

The default contact interface in Spark and SparkWeb is empty; users have to search for or add the contacts manually.

Since I am using this for my company, how do I make SparkWeb and Spark show or auto-populate the users (online and offline) based on their departmental groups in AD?

Openfire Automatic Roster Population via Shared Groups

That is so much hassle…

Take a look at my AD structure (attachment), then you will feel that I need another solution.

If you are referring to all those OUs, they don't matter. Openfire will only use Groups, which are CNs just like user accounts. You must manually share the groups via the Openfire admin interface. You may be able to manually manipulate the database, but you would still have to create the script. It would be the same hassle, just a different way.

Todd,

I tried the group sharing in the admin interface. In Spark, the user list came out. That's good.

The problem is, I don't want the users listed like that; I want the users listed and separated by their department name.

How do I do that?

Like I said your OUs are not groups. You need to have Security Groups in AD that are for each of your departments.

I don't understand much of what you said.

The AD was not designed by me, and it was like that when I started working here.

Can you give me some guidance on how to do what you said?

Right now all your users are in those yellow folders by department. Those yellow folders are OUs. OUs are not groups; they are an Organizational Unit (a glorified virtual folder). OUs are used to house various containers or CNs. CNs can be either users or groups. These CNs are what LDAP uses for authentication and rights management, not OUs. If you want to add a group to a roster you need to create a Security Group in AD in an OU that is within the BaseDN you defined in Openfire. This is done with the Windows MMC called Active Directory Users and Computers.

"You need to create a Security Group in AD in an OU that is within the BaseDN you defined in Openfire"
How do I do this?

FYI, the screenshot I gave was from Active Directory Users and Computers.

See the image below for an example. Note the button to create a group where the pointer is. That will create a new group in the highlighted OU. Once you create the group, add the users to the group.

Ermm…what kind of Group Scope? - Domain local? Global? Universal?

What kind of Group Type? - Security? Distribution?

I use Security Groups because that is what this is. Distribution are Email groups. Then I set them to global. They do not need email accounts.

OK…I tested creating one group…then the group appeared in the admin panel…

Now there is still one problem…

When I share the group, the users are listed one by one in the roster…

I want them to be listed with the group name separating each group…

Did you name the groups like I show in the video? If you did your roster will look like this:

Let me try it again.

Hi Todd,

I have tried it. It is still the same. There is only the Offline Group in my roster. Look at the attachment.

One more thing: I have created a new OU called Groups, and inside that I created security groups like you suggested (refer to attachment 2).

Then when I check the User/Groups section, the groups I created in the new OU do not appear at all.

FYI, in the Openfire admin panel, for ldap.groupSearchFilter, I put (objectClass=group).


Hi Todd,

Is there any solution?

Without seeing your config settings for Openfire as compared to your AD setup, I cannot be much help. There is a mismatch between the two.

I’m sorry Todd,

I don’t understand what you mean. Can you explain?

What I mean is, without seeing the way you configured your Openfire install to connect to AD, as compared to your AD structure, there is not much more I can do. My guess is your AD structure does not match the way you configured Openfire to look at AD. This comes from the way you have your AD tree organised (or lack thereof, as it may be). If you look at the sample pictures I already posted, they show an example of a segregated AD structure that works well with LDAP.
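
The two conditions discussed in this thread (the object has to be a group rather than an OU, and it has to sit under the BaseDN defined in Openfire), as an added example that is not part of any post above and is not Openfire's code. The BaseDN, the directory entries and the function names are constructed for illustration; the check models a search with the (objectClass=group) filter quoted in the thread.

```python
# Added example. BASE_DN and every DN below are constructed sample data.
BASE_DN = "OU=Staff,DC=example,DC=local"   # assumed Openfire BaseDN
ENTRIES = [  # (distinguished name, objectClass values)
    ("OU=Finance,OU=Staff,DC=example,DC=local", ["top", "organizationalUnit"]),
    ("CN=Finance Dept,OU=Finance,OU=Staff,DC=example,DC=local", ["top", "group"]),
    ("CN=Sales\\, East,OU=Staff,DC=example,DC=local", ["top", "group"]),
    ("CN=IT Dept,OU=Groups,DC=example,DC=local", ["top", "group"]),
]

def split_dn(dn):
    """Split a DN into lower-cased (attribute, value) RDNs, keeping escaped commas."""
    rdns, cur, escaped = [], "", False
    for ch in dn:
        if ch == "," and not escaped:
            rdns.append(cur)
            cur = ""
            continue
        escaped = (ch == "\\") and not escaped
        cur += ch
    rdns.append(cur)
    pairs = (rdn.partition("=") for rdn in rdns)
    return [(a.strip().lower(), v.strip().lower()) for a, _, v in pairs]

def is_within_base(dn, base_dn):
    """True when dn is base_dn itself or lies anywhere beneath it."""
    d, b = split_dn(dn), split_dn(base_dn)
    return len(d) >= len(b) and d[len(d) - len(b):] == b

def visible_groups(entries, base_dn):
    """Model an (objectClass=group) search rooted at base_dn.

    Returns (DNs that can be shared as roster groups, {dn: why it is skipped})."""
    usable, skipped = [], {}
    for dn, object_classes in entries:
        if "group" not in {c.lower() for c in object_classes}:
            skipped[dn] = "not a group object"
        elif not is_within_base(dn, base_dn):
            skipped[dn] = "outside the BaseDN"
        else:
            usable.append(dn)
    return usable, skipped

if __name__ == "__main__":
    usable, skipped = visible_groups(ENTRIES, BASE_DN)
    for dn in usable:
        print("visible:", dn)
    for dn, why in skipped.items():
        print("skipped:", dn, "->", why)
```

Comparing DNs component by component, rather than as raw strings, keeps the result correct when case differs or a group name contains an escaped comma.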