If you used groups in your previous installation you will need to clear the table ‘‘jivegroupprop’’ in your database server.
Also remember that when upgrading from a previous version you should check to see if there are any SQL scripts that you need to run.
Edit your jive-messenger.xml file:[/b]
The provider section of the XML file is the only section that must be edited when dealing with Active Directory, other XML properties are optional. The provider section of your XML file should read as follows:
This search filter will populate all groups whose name starts with ‘‘jive’’. So a group that is named ‘‘jiveSupport’’ would be populated but a group named ‘‘support’’ would not be populated. Remember that you can change the display name that will be displayed in the client later. I recommend that you be as specific as possible when creating your search filter so JM isn’'t doing more work than it has to. Here is another example search filter that specifies three specific groups to be populated by jive: Example:
Regardless of the search filter that you choose you must include member= somewhere in the search filter. An example LDAP section of the JM XML file is given below:
localhost 389 sAMAccountName cn mail CN=Users,DC=example,DC=com example\jive jabber
Configure groups inside of the Admin Console:[/b]
Inside of the admin console click on ‘‘Users/Groups’’ and then click on ‘‘Group Summary’’. You should see all of the groups specified by your search filter here. Configure each group with a display name and choose roster preferences for each group by clicking on the group name.
If you get stuck or have any questions let me know.
This guide was meant for Active Directory, there are some other configuration options that you need to set in the case of openldap. Give me a couple of minutes and ill post them.
The first thing you need to know is how users are stored in your LDAP server. If users are stored by their full DN or if they are stored by their user name. If they are stored by their user name only then you need to set the posixEnabled LDAP property to true. By default this property is set to false. I do not know of another LDAP server that stores members in a group by their full DN other than Active Directory. So most likely you will need to set this to true.
Example:
Other properties are as follows:
ldap.groupNameField – the field name that the groupname lookups will be performed on. If this property is not set, the default value is cn
ldap.groupMemberField – the field name that holds the members in a group. If this property is not set, the default value is member
ldap.groupDescriptionField – the field name that holds the description a group. If this property is not set, the default value is description
within the group. If this property is not set, the default value is false
Last but not least:
You need to set the group search filter. Some of the rules mentioned above still apply but if you are a non Active Directory user you definitely need to change the group search filter.
Example group search filter for non Active Directory LDAP server:
(member=)
**where member is the value set by ldap.groupMemberField. Sample XML LDAP section for non Active Directory LDAP server:
localhost
389
uid
cn
mail
CN=Users,DC=example,DC=com
example\jive
jabber
(uid=)(member=)
Using the new directives (and I believe adapting properly to our system, though I’‘m not 100% which parts of these strings need to be adapted), I have no luck with groups. I can authenticate against AD, but groups aren’'t going. I have the linked installer for beta 2 of 2.2 installed:
I changed jive* to an AD group that everyone in the company is in just as a basic test–nothing. Other than adding this last part to the provider section, am I missing something else in the configuration? We are using AD from Windows 2000.
I’‘m using LDAP / Active Directory (2000) I followed your step, I can see a list of user and computer object (can remove them just need to add a filter) but I cannot login with a username and password. It says all time : you are not authorized to login. (message from client side) I’'m using as client JAJC v0.0.8.110.
I can login to administration page using a domain admin account (or administrator account).
In fact i wasn’'t able to connect because of the client side.
I had to enable SSL and select plain text as a way to authenticate.
After that the connection was encrypted via SSL between the client and Jive and the password sent in clean text in the encrypted tunnel who were easy to read by the IM server.