Group sharing with remote users

Hi guys,

I’m having a lot of trouble setting up this type of configuration.

Our domain authenticates users to Active Directory and uses shared groups.

While using local users this works perfectly.

Our organization is separated into different locations with their own domains, and we need to share those users with the ones in our domain.

Server to server is ok.

If I add a remote user to a shared group, the remote user will get a roster request. To avoid that, I configured the automatic subscriptions plugin at the remote domain. This did not work at first because this plugin also captures subscription answers. I made a modification to handle only subscriptions from remote domains, so the answer is not captured and is returned to the originating domain.

This configuration works when a user manually adds a remote user to their roster from their client. The remote user accepts automatically, and the local user sees their presence and can send them messages. But doing the same thing with the web interface does not work. When I add a user this way, the server still sees the remote user as offline, and clients see the remote user as offline too, as if the request was not accepted.

Looking at the logs, local users that should see remote users get presence with 403 error messages when I add remote users from the web interface.

Is there any way to achieve this or will I have to change the server?

Thanks in advance.