powered by Jive Software

Help needed to setup the LDAP authentication with OpenFire 3.7.1


I am trying to setup the LDAP authentication with OpenFire 3.7.1

Following are my settings:

Step 1:

Base DN: dc=MyCompany,dc=com

Admin DN: CN=AdminUser,OU=C,OU=Useraccounts,OU=site,DC=country,DC=MyCompany,DC=com

Ex: OU=site,DC=country,DC=MyCompany,DC=com

–> site.country.MyCompany.com

Status: Success

**Step 2: User Mapping

Username Field: sAMAccountName

advanced settings:

Use Filter: (objectClass=user)

Test settings: Shows random user from the domain.

Step 3: Group Mapping

Group Field: cn

Member Field: member

Description Field: description

Advanced settings:

Group Filter: (memberOf=CN=ChatUserGroup,OU=Securitygroups,OU=site,DC=country,DC=company,DC=c om)

Test Settings: Shows the users from the group ChatUserGroup

In server settings --> Registration & Login, all the options are disabled

Current Status:

  1. I am able to login with any of the account belonging to the company domain via the Jabber server

Following are my requirements:

  1. Allow only users who belong the **ChatUserGroup **to login via the Jabber server

  2. How to add multiple groups in step 3

The LDAP group **ChatUserGroup **contains use different countries. Hence I have used the

Base DN: dc=MyCompany,dc=com

We are using Windows Active Directory

Thanks in advance


This is how I handle my groups. I use multiple groups so that I can map them to the roster and have the auto populate…but you can just as easy use a single group for authentication only.

Thanks Speedy

This helped me in setting up

But what I need is, I want only the uses belonging to the group should be able to login and not all users.

Currently with my settings every user who has a valid account in AD is able to login

Any advices?

Thanks a lot


in part, thats exactly what those setting will do.

not seem to work for me. IT allows users with valid NT account and not restricting to the usergroup

you may have missed a step. check your PM