powered by Jive Software

Cannot login after reboot - Openfire 4.2.1


#1

Hi,

I have Openfire running on Debian, been running fine for a long time. After I restart the server (assigned more RAM for the VM), I cannot login to chat client or admin console with my personal acc and the “admin” username.

Openfire was setup to authenticate with AD credential.


#2

You have probably changed in your AD during that time (password of that AD user). Maybe it was still running as i had it cached or something. Or you haven’t tried to login after that change. @speedy might help in that case. I think you need to change its password directly in the database now.


#3

yeah…its likely the account used for connecting to ldap has changed…maybe the password expired or the account is locked out. I don’t know if you can change it directly in the database, but you can change the setup flag in the openfire xml to false, and rerun the setup wizard…


#4

I just run the setup again, can login from the chat client, and can login to admin console with “admin” account. Tried to add my account to be admin, restart openfire service and it cactus again.

Seem that the authentication with AD is really delicate

Nothing change with AD, openfire is not the only service I have using LDAP. I installed OsTicket the same time and it never had any issue with AD accounts.


#5

How did you do this? Also, does the user running Openfire have permissions to write into /openfire/ folder?


#6

ohhh I tried but fail, what I did was editing the /etc/openfire/openfire.xml and add
< admin> < authorized … < admin>

restart the openfire service. It didnt work because the section I add was removed of the xml file, look like that file is the output.


#7

Everything you add into that section is imported into database during a startup and then removed from the openfire.xml. This is by design. Btw, you don’t have to do it this way. If you have access to Admin Console, you can just go to Users, edit the user, Edit Properties and mark the Grant admin access to Openfire. Not sure if this still works with LDAP integration.


#8

I deployed a new server (have the original .ova ) doing the setup now, enter LDAP for AD information, test connection success, but fail at the last part of the wizard, the Admin Account.

Cannot add admin, I click on Admin Account again and it give me the option to reset password for “admin”, every password combination fail, tried “admin” “admin”. Skip that step, hoping that I can use “admin” “admin” to login but No.


#9

not with LDAP, the user database is read only.

I have it working now, with only “admin” is administrator.


#10

I just restart the server (Turnkey LAMP on Debian 8) and cannot login the admin console. Client (Spark) cannot login Openfire server.
I think some services is not started when the server boot up.


#11

Is openfire even running?


#12

Yes, I can confirm by browse to admin console login page
And query by: systemctl status openfire.service
Also restart by: systemctl restart openfire.service

Unless there is a different way to run openfire

I even do again with a Debian 9 LAMP, install OpenFire 4.2.3 , connect to my AD, all well and good. Can login admin console, can chat via client. Restart the server, cannot login anymore.
Just repeat the process using Ubuntu 16, install Openfire. , connect to my AD, all well and good. Can login admin console, can chat via client. Restart the server, cannot login anymore. So it is not the OS, must be something to do with how Openfire talk with AD, or the server setting.


Openfire official install/setup guide