powered by Jive Software

Displaying CN/DisplayName as Username instead of samAccountName?

Hi, we have here the latest Openfire 3.6.4 server and Spark 2.6 Beta2 clients… user Accounts are mapped via the AD/LDAP service.

What i noticed is that even in spark and on the server console the users are allways displayed with there logon name instead of the cn/displayname from the ad…

Where can i change that behaviour in spark so that the contacts/users are displayed with the displayname?

And is it possible to limit the openfire/spark access to a ad windows user group?

thx

Volkan

To change the name shown for AD users change the following Server Property in Openfire:

ldap.nameField to either cn or displayname

You will need to restart Openfire for this to take effect

You can limit access to Openfire to a members of a specific AD group by changing

ldap.searchFilter

e.g. I use:

(&(objectClass=organizationalPerson)(memberOf=cn=Openfire-users,cn=Users,dc=comp any,dc=local))

Where Openfire-users is a group within Users.

You can also limit displayed groups (this supports wildcards)

ldap.groupSearchFilter

(&(objectClass=group)(cn=Openfire-*))

All my Openfire users are members of a ‘master’ AD group (Openfire-users) which allows them access to Openfire, and are also members of other groups (e.g. Openfire-admin) for organisation/rosters.

1 Like

thanky ou rob_m

i dont have a ldap.fieldname propertie!?

i just have this ones for ldap:

  • lldap.adminDN
  • ldap.adminPassword
  • ldap.autoFollowAliasReferrals
  • ldap.autoFollowReferrals
  • ldap.baseDN
  • ldap.connectionPoolEnabled
  • ldap.debugEnabled
  • ldap.emailField
  • ldap.groupDescriptionField
  • ldap.groupMemberField
  • ldap.groupNameField
  • ldap.groupSearchFilter
  • ldap.host
  • ldap.ldapDebugEnabled
  • ldap.nameField
  • ldap.override.avatar
  • ldap.port
  • ldap.posixMode
  • ldap.sslEnabled
  • ldap.usernameField
  • ldap.vcard-mapping

should i add the propertie maually?

thx

Volkan

Sorry my mistake!

Should be ldap.nameField - I have corrected my post above

thx, i had cn has default inside… changed ldap.nameField from cn to displayName and restartet the openFire server… same result, just the logon name are visible on the spark clients (?)

did i miss something?

What is shown in the Openfire admin console?

Is the displayname actually correct for all users AD accounts?

I use jxplorer to test LDAP queries.

I also have a second test Openfire installation that I trial these changes on first.

on the server console > sessions, i see just the logon names

Please check my config screenshot

Sessions are based on the ldap.usernamefield, which by default is sAMAccountname. This is a unique field in AD.

However the name that is displayed is based on ldap.namefield (displayName in this case). This is not unique, so cannot be used as a session login.

What is listed in Users in the Openfire admin console?

Username should show the sAMAccountname.

Name should show the displayName.

Username is the sAMAccountname and Name is the displayName.

Is there a special setting on the spark client?

On “ldap.nameField” i have cn inside, if i change to displayName, no logon are possible!?

The name on the session tab are only as sAMAccountname displayed…

any other idea?

Volkan

Clear all openfire caches then quit spark, and restart openfire. If that does not work delete the spark user information from the user’s profile in windows. You can leave the spark.properties file.

Also your vCard settings are wrong. I see
in them. there should not be breaks in there. Use the settings here: http://www.igniterealtime.org/community/docs/DOC-1773

Username is the sAMAccountname and Name is the displayName.

That is what I would expect, and should give the desired results.

Is there a special setting on the spark client?

I don’t use Spark, but see sixthring’s response.

On “ldap.nameField” i have cn inside, if i change to displayName, no logon are possible!?

I don’t know why you would get this result, although setting ldap.usernameField to displayName, would cause this.

However showing displayName as Name in Users implies this is set to displayName?

The name on the session tab are only as sAMAccountname displayed…

That is correct.

thanks sixthring, i have now

  • closed spark

  • replaced the vCard setting with the one from the DOC

  • replaced the ldap.nameField to displayName

  • cleared all caches on > server management > cache summary

  • restarted openFIre

  • started spark

result, same

Volkan ?

Purge the stuff out of the spark folder in the user’s profile. only keep the spark.properties file.

It may also be worth logging in to Spark as a different user, or on a system that hasn’t run Spark before.

That way you can check that the correct details are being pushed to the client.