I’m new with Openfire. I use AD.
The LDAP configuration has me a bit confused. It takes a very simplistic look. From the various online comments I see that I can’t point to different OU’s for users and groups. I also see that it’s not easy to use a group to control access.
I have a couple of basic questions to get me over the understanding hump.
What method can I use to control who has access to the Openfire server?
Do I use AD/LDAP groups to organize the user lists?
Can a user be a member of more than one group?
Do the users use the Spark client to organize their own contacts in personal groups?
Depending on the above answers, can I just point Openfire to an OU with Groups containing my authorized users? No user objects in this OU.
Basically my goal is:
Control Access to Openfire.
Present users with predefined groups organized by Office and Departments. (Therefore users will belong to multiple groups.)
Any suggestions or how to’s will be greatly appreciated.
PS. My AD Structure separates Groups and Users. It also separates user objects by employee, software service, supplier, etc… I can’t point Openfire to the top of that structure without complicated LDAP search filtering. In fact, I don’t believe it’s possible. And of course I can’t re-organize my AD because of limitations within Openfire. Forgive me if I’m wrong in my conclusion. Feel free to correct me.