Duplicate accounts in Active Directory not appearing

I am connecting to Active Directory using the global catalog port 3268. I can successfully display almost all of my users. The issue I am having is that any account that is duplicated in my subdomains (domain1\jdoe and domain2\jdoe) does not appear. This is all in one forest and I am using the top of the forest as my baseDN. I noticed that the groups act fine in this regard, as the duplicates in the different subdomains all list.

Is there anything I can change in the config to allow it to display duplicate user accounts?

I’m running into the same issue. So far this is our only showstopper, but I don’t think we’ll be able to roll out Openfire with this bug - does anyone have a workaround, or might this be fixed in a future update/release?

This is due to the fact that you are basing the user accounts on the AD LDAP field sAMAccountName. Duplicates would be ignored. You need to choose a different unique field for the username field.

Perfect, that worked. They’re showing up now in the user list, but what about logging in? I was able to get duplicates (jsmith@domain.com and jsmith@child.domain.com) to appear but I can’t get them to authenticate (Spark client).

Whatever LDAP field you chose to be the Openfire field, that is your username to log in. The entire contents of the LDAP field is the login name.

OK, so I’ve changed it from sAMAccountName to userPrincipleName but cannot log in with user@domain.com. If I redo the setup and enter userPrincipalName and then Test Settings, it claims to succeed but all of the random users it chooses are completely blank.

Even when set to userPrincipleName I’m still able to log in with the sAMAccountName…

Is this a limitation of a Java-based LDAP binding? I have another Java application authenticating against the same Active Directory and experience the same problem there… no matter sAMAccountName, UID or userPrincipalName, it won’t recognize duplicate users.

Sure seems like it is different. Maybe it is using a different field to look up the accounts, as opposed to other searches which use a field that can only be unique?

Having the same problem, but I solved it easily. I’m just creating a new container in AD named Jabber Users and creating new users that did not appear in my database (with a small difference in names), and all is working fine.

Tried to use different filters and different unique AD fields to log in, all useless. I think it’s an Openfire bug, and the only solution I found is the one I wrote above.
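
The reply earlier in this thread says duplicates are dropped because the username is keyed on sAMAccountName. As an added example (not part of the original thread and not Openfire code), this check audits a candidate username attribute over global catalog results for collisions and blank values before it is configured; the entries, DNs and the function name `audit_username_attribute` are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample of global catalog results (port 3268) for one forest.
# DNs, domains and names are made up for illustration.
GC_ENTRIES = [
    {"dn": "CN=John Doe,CN=Users,DC=domain1,DC=example,DC=com",
     "sAMAccountName": "jdoe", "userPrincipalName": "jdoe@domain1.example.com"},
    {"dn": "CN=John Doe,CN=Users,DC=domain2,DC=example,DC=com",
     "sAMAccountName": "JDoe", "userPrincipalName": "jdoe@domain2.example.com"},
    {"dn": "CN=Ann Lee,CN=Users,DC=domain1,DC=example,DC=com",
     "sAMAccountName": "alee", "userPrincipalName": "alee@domain1.example.com"},
]


def audit_username_attribute(entries, attr):
    """Report how usable `attr` is as a forest-wide username key."""
    by_value = defaultdict(list)
    missing = []
    for entry in entries:
        value = entry.get(attr)
        if not value:
            # Entry has no value for this attribute: the username would be blank.
            missing.append(entry["dn"])
            continue
        # AD matches these names case-insensitively, so fold case before grouping.
        by_value[value.casefold()].append(entry["dn"])
    collisions = {v: dns for v, dns in by_value.items() if len(dns) > 1}
    return {
        "attribute": attr,
        "distinct": len(by_value),
        "missing": missing,
        "collisions": collisions,
        "usable": not missing and not collisions,
    }


if __name__ == "__main__":
    # The constructed entries carry no uid attribute, so it reports as missing.
    for attr in ("sAMAccountName", "userPrincipalName", "uid"):
        report = audit_username_attribute(GC_ENTRIES, attr)
        print(f"{attr}: usable={report['usable']} distinct={report['distinct']} "
              f"missing={len(report['missing'])}")
        for value, dns in report["collisions"].items():
            print(f"  '{value}' is shared by:")
            for dn in dns:
                print(f"    {dn}")
```
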