Changing the domain part of JIDs

Hello,

I am running OpenFire 4.2.1. The JIDs are in format username@jabber.olddomain.com.

We changed our domain, the “olddomain” became “newdomain”. “Olddomain” is not in the public DNS anymore.

It would not be a big deal as our employees use Spark which does not care about the domain part of the JID (it needs username, password and server). And we have jabber.olddomain.com in our internal DNS. But I need our users to be accessible from outside (s2s) and it is apparently not possible to use the JID with non-existent domain for this purpose.

So I need to change the domain part of our JIDs to the new domain. At the same time I decided to make the JIDs equal to e-mail addresses (without the “jabber” domain part) as recommended here - FAQ (Frequently Asked Questions)

I have already set up SRV records for newdomain.com according to this document - https://wiki.xmpp.org/web/SRV_Records

Now the last thing - changing the JIDs in Openfire. I ran into this thread which is probably relevant here - How can I change my domain? But the information in this thread is sort of brief. So I am going to set false in my openfire.xml and restart the service.

  1. Do I understand it right that I will be able to log in to the Openfire web configuration using my current admin password?
  2. Will the setup wizard offer me current settings so I could change only the xmpp domain?
  3. All user accounts will stay intact?

There should be a 0) step to make backups.

  1. After you complete the setup, yes, the old password should work, though it might (or not) ask you to change or confirm the password during that setup. Can’t say for sure as I haven’t tried to rerun setup on a working server for a while.
  2. It should offer same settings, though one may need to reconfigure LDAP connection if it is used. You should probably only need to change domain. Maybe it will ask for a DB connection string. It doesn’t if internal database is used, but not sure about external one. You can check connection string in openfire.xml before running the setup.
  3. Should stay intact. At least in a few tries I did in the past. But in your case it should actually change the domain part of all users and probably of all contacts in every user’s roster.

I forgot to mention it but yes, I plan to make backups the same way I do during every Openfire update (stop the service, backup the directory C:\Program Files\Openfire and backup the db itself). I hope this is sufficient.

I use external database (MS SQL), but I have the needed credentials ready.

Thank you very much for the info, I guess I might try to do it tomorrow. :slight_smile:

I am sorry to say that I did not succeed. :frowning:

In the last step the wizard wanted current admin password - I entered it correctly (I had verified that it was correct by logging in to admin account before my playing with Openfire) but the website kept telling me “Please enter the correct current password”.

I tried the procedure two times (so I had to restore the db and installation dir) - the same result in both cases.

Maybe an error in the setup wizard?

You can try the following.

Manually update the following system properties:
xmpp.domain to reflect what you want your domain to be
admin.authorizedJIDs change the old domain value in the JID to the new value
Next, go to TLS/SSL Certificates > under Identity store click Manage Store Contents. Delete the old certificate and create a new one (if using self-signed, otherwise import new certs for your new domain)

restart openfire


speedy’s suggestion could work. Though in the past I’ve seen reports that changing it via system properties doesn’t update all the users and rosters properly and that going through setup is the better way. Admin login probably doesn’t work because of the JID change. Not sure if this would work, but you can try adding a user with the new JID to admin.authorizedJIDs before the setup, like admin@newdomain or maybe some other user (you can remove it from admins later). So on the password page you would try to put the password (if you added admin@newdomain) or try to skip that step.
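A read-only check for the concern raised above, that a property-only change can leave old-domain JIDs behind in admin.authorizedJIDs and in rosters. This is an added example, not part of the thread and not Openfire code. It assumes Openfire's ofProperty (name, propValue) and ofRoster (username, jid) tables, and uses an in-memory SQLite database with constructed rows in place of the poster's MS SQL database.

```python
import sqlite3

def jid_domain(jid):
    """Return the lower-cased domain part of a JID (local@domain/resource)."""
    bare = jid.strip().split("/", 1)[0]      # drop the resource, if any
    return bare.rpartition("@")[2].lower()   # text after '@', or all of it

def audit_old_domain(conn, old_domain):
    """List properties and roster rows that still point at old_domain."""
    old = old_domain.lower()
    leftovers = {"properties": [], "roster": []}
    rows = conn.execute(
        "SELECT name, propValue FROM ofProperty "
        "WHERE name IN ('xmpp.domain', 'admin.authorizedJIDs')")
    for name, value in rows:
        # admin.authorizedJIDs holds a comma-separated list of JIDs
        entries = [v.strip() for v in value.split(",") if v.strip()]
        stale = [v for v in entries if jid_domain(v) == old]
        if stale:
            leftovers["properties"].append((name, stale))
    for username, jid in conn.execute("SELECT username, jid FROM ofRoster"):
        if jid_domain(jid) == old:
            leftovers["roster"].append((username, jid))
    return leftovers

def build_sample_db():
    """Constructed sample: domain changed, one admin JID and one roster row missed.
    Assumption: table and column names follow Openfire's schema."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE ofProperty (name TEXT PRIMARY KEY, propValue TEXT);
        CREATE TABLE ofRoster (username TEXT, jid TEXT);
        INSERT INTO ofProperty VALUES ('xmpp.domain', 'newdomain.com');
        INSERT INTO ofProperty VALUES ('admin.authorizedJIDs',
            'admin@newdomain.com, alice@jabber.olddomain.com');
        INSERT INTO ofRoster VALUES ('alice', 'bob@jabber.olddomain.com');
        INSERT INTO ofRoster VALUES ('alice', 'carol@newdomain.com');
        INSERT INTO ofRoster VALUES ('bob', 'partner@example.org');
    """)
    return conn

if __name__ == "__main__":
    report = audit_old_domain(build_sample_db(), "jabber.olddomain.com")
    for name, stale in report["properties"]:
        print("property", name, "still lists", stale)
    for username, jid in report["roster"]:
        print("roster of", username, "still contains", jid)
```

Against a real server, run the same two SELECT statements on a restored copy of the backup rather than the live database.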

And it did work, thank you both. I did exactly what Speedy suggested. I even tried s2s from my external Jabber account and that worked like a charm too. :slight_smile:

I hope this thread will help many others seeking a solution to the same problem!