We have setup a number of servers (openfire 3.5.1) running on RHEL4. We are using an openldap directory replicated across the servers. Each openfire server authenticates against the locally running ldap instance. Users log in to their local server, but can add in users from the other servers.
We have groups setup so that user rosters are automatically updated. The problem we have is that we want to set up groups that contain users on the other servers. This doesn’t seem to work when using ldap groups.
Th ldap schema is:
member: list of full dn’s
All usernames are full email addresses e.g. firstname.lastname@example.org. The full dn’s look like: