Group Filter Complications

Looking for a bit of help with Group Filters. I have been able to narrow down the user filters through searching the forms but I feel like I may be a bit confused when it comes to group filters. Let me explain -

We are deploying a new IM services in a very limited scope. Within that we want to limit who can talk to who and we would like Spark to autolist the contacts a particular user is able to contact. From my last post I’ve learned that all of our requirements are possible, we just need to do some work implementing them.

I’ve created two Groups in AD. One group, “IMUsers”, contains all of the users allowed to use/login to Spark. The other group “IMGroups” contains all of the AD groups that we would like to sort contacts by (IT, HR, Management, etc.). From my reading, I believe that I have AD groups setup correctly.

So far I have been able to use the search filter to limit users to those in the IMUsers group (thus limiting who can log in). However, I am unable to form the right query (I suppose) to get the groups listed in IMGroups to show up in the Groups summary of OpenFire so that I can further manage how things are laid out.

Here are my filters:


**searchFilter: **((objectClass=organizationalPerson)&(memberOf=CN=IMUsers,OU=User Groups,DC=domain,DC=net))

The above two work flawlessly. All users in the IMUsers group show up in the users section of OpenFire and no one else can login. The next step (adding groups to the group section) is where I am struggling. Here is my LDAP query:

**groupSearchFilter: **((objectClass=group)&(memberOf=CN=IMGroups,OU=User Groups,DC=domain,DC=net))

I’m struggling to see what is wrong with the filter, is it not possible to list groups within groups?

Edit: If it helps at all, setting the groupSearchFilter to just - (objectClass=group) does not return any results.