looking at the archives this isn’t an uncommon malady. it doesn’t help that LDAP is a brain scrambler to begin with. in my case, it’s that, and it’s a relatively new deployment - we haven’t even released it into internal production yet.
that said - openfire is working with our LDAP servers. all the users show up, woo hoo! unfortunately, if i use the defaults within the ‘group mapping’ config, it lists all the users as well as all the groups. but what i want of course is it to just list the groups. what i thought would be possible would be to allow only those users that i create within a group i’ve named ‘openfire’, but for the life of me i can’t figure out how to do this. my relative unfamiliarity with LDAP assuredly does not help!
here are some example entries from my server, with some details necessarily blurred…
dc=mymysterydomain,dc=com (4)
cn=Directory Administrators
ou=Groups (9)
cn=ALL
cn=CRM
cn=DEV
cn=DW
cn=Openfire
cn=PROD
cn=QA
cn=TECHOPS
cn=Zenoss
Create new entry here
ou=People (26)
Create new entry here
uid=billy
uid=bobby
uid=buddy
uid=bork
Create new entry here
ou=Special Users
Create new entry here
o=netscaperoot (2)
that’s from phpldapadmin, if you hadn’t guessed. i have no idea what sort of combination of Group Field, Member Field, and Group Filter will give me what i want…
any clues from the LDAP-clued would be gratefully accepted.