Help, OpenFire not pulling users in sub-OU's of the AD(Zentyal 6.2)

I need some help. We have been using Openfire-Spark for a while now pulling LDAP users from our Zentyal 6.2. We started moving AD users to different OU. Our old OpenFire stopped “seeing” the users we moved. Because it was a very old install I rolled up a new Ubuntu (20.4) and installed the newest OpenFire (4.6.0) But I still have the same issues. This is what I have in the LDAP settings;
--------------------------------------------------------------------
Connecting to ldap://[domain.lan]:389 no StartTLS
Base DN: CN=Users,DC=[DOMAIN],DC=lan
Administrator DN:CN=Administrator,CN=Users,DC=[DOMAIN],DC=lan
User mapping Field: sAMAccountName
Mapping

  • Group: cn*
  • Member field: member*
  • Description Field: description*
    ---------------------------------------------------
    In the AD the used structure is;
    [Domain.lan]
  • Users (container) - users in this are all working correctly
  • Company (Organizational Unit)
    • HR(OU)
    • Agents (OU)
      • Dept 1 (OU)
      • Dept 2 (OU)
      • Dept 3 (OU)

Only users in the Users container are working. When I move someone to their OU they are lost for the Openfire Users/Groups.

Can anyone help direct me to where I am messing up?

its because your base dn is pointing to the user container, making it the top level of the search.

you can remove CN=Users or per your example, change it to the OU that holds all the sub ou
Base DN: OU=Company,DC=[DOMAIN],DC=lan

I personally like to use the root of the domain as my base dn
Base DN: DC=[DOMAIN],DC=lan

That did it! Thank you so much.