Connection Settings - LDAP

Ok, here is my situation.

I am trying to connect the openfire server to our active directory but keeps on giving me this error:

“Error Authenticating with the LDAP Server. Check Supplied Credentials”

My active directory is running on a windows server 2008 datacenter, yes, firewall is disabled.

dns is working fine. (both ways, I can ping both ways from the dom computer and the host)

I have tried using for administrator dn,

as well as the format: cn=username,dc=fullyqulified,dc=domainname

base dn is in this format: dc=server,dc=domain,dc=domain

nothing works

what do you guys think

as a general policy on the domain computer we have to use complex passwords (i don’t know if that has something to do with anything)

I have used administrator accounts, and local usernames.

the member server is “not” a part of the domain. (is a stand alone server)

This may seem like a dumb question but are you sure about the domain’s full name? For example if your real world domain is your AD domain could have a prefix such as This would be what you need to use after the at sign and in the BaseDN. You also need to be pointing at a Domain controller for this to work I think, as I am unsure about the Server 2008 you reference. The openfire server should not need to be on a bound machine to work. There are 3 accepted structures AD will accept for authentication via the AdminDN:


great job,

What my mistake was I was using CN with, so, CN=username@ful… .com

which wasn’t working.

Using your post as an example, I opened my eyes and really looked closely; and boom! I found it.

Great job on great work!

Does that mean you have it working now? If so you may want to mark this question as answered

Yes, working without a problem, you know I have used this program before and can’t praise it enough.

…and I had this same error that I had to deal with back then as well but had it working some how.

This time I took multiple screenshots and sent them to all my email address so as in the future id be able to get a hold of it.


I keep an archived copy of my openfire.xml on hand so that I always have a reference to base new setups on. In fact you can use in new installs by editing the <setup> tag to be false. Also I have it in these forums all over the place. Mostly for vCard settings for other users. In fact you can have a copy too.