Here’s an interesting CS/OF integration issue that applies to the new CS 2.0/OF 3.5.0 authentication passthrough…
Clearspace 2.0 instance is authenticating via Active Directory/LDAP. In our case we have a few users that have been deleted from our AD domain, and as such they show in CS still (because deleting users in CS in unsupported) as a login name with no email address. We can disable them, of course, but they still are listed in the admin console.
Now, connecting OF 3.5.0 to this CS server for authentication, those same disabled/deleted users pass through. However, since they have no email address defined, the OpenFire user admin page errors out. Whoops!
The easy workaround is to assign placeholder email addresses to the inactive users, which I did – but it points out that the lack of a hard user delete in Clearspace is a problem that is now leaking over into OpenFire.