How and where can you tell that LDAP is working with Wildfire?

Hi there,

How and where can you tell that LDAP is working with Wildfire?

There's no mention of it in the logs area.

I can view LDAP via the LDAP browser but it's not populating in the admin console.

  1. When I do a search on the server area or in Spark it doesn't search AD?

  2. Do I have to add users manually in Wildfire first before it retrieves data from AD?

  3. Also, under system properties in the console > xmpp.domain: is that my Wildfire server address or my LDAP server address?

I've checked a few posts on the forums and everyone seems to have different opinions, and I've tried some and it didn't work for me.

Any help would be great.

Here is my current config.

Hi,

I hope that you did remove “<!” before and “>” after the LDAP section. If you change “ADserver” or “389” to something which is not an LDAP server then Wildfire will complain in the logs during startup that it cannot connect to LDAP.

@ 1. Wildfire searches in LDAP,

@ 2. so adding users to Wildfire makes no sense

@ 3. The xmpp.domain is the one of your jabber server and has nothing to do with LDAP.

LG

ou=Users,ou=Active Accounts,dc=company,dc=com,dc=au

CN=Sys Admin*,OU=Standard Service Accounts,OU=*Service Accounts,DC=company,DC=com,DC=au

Wildfire does not like spaces. If these are symbols of how you're authenticating, create groups and accounts with an _ or a '.'

You could create a group for strictly IM users and add people to it then point the base DN to look there.

Once you get it authenticating to AD (LDAP) you will see everything, and users will be added in AD…

Jeff

Message was edited by: jeff_garner

Great. Thanks for your help.

At least I know I'm not going insane.

However, if I did decide to rename the current OU “Active Accounts” to “Active_accounts”, would that break any of the other programs that rely on AD for authentication?

I don't want to have to change the whole infrastructure (e.g. deployment etc…) to get WF to work.

Huh, interesting. Spaces in group names causing issues is not a known issue. Can anyone else confirm? If so, I'll file an issue and see if we can get a fix in place.

Thanks,

Matt

We identified this a while ago. Something about the spaces and the %20% stuff. Here's one example of spaces creating an issue; there are more from around the same time frame.

http://www.jivesoftware.org/community/thread.jspa?messageID=116527&#116527

Jeff

Don't rename the group, create a new one, and assign your users into it. Windows is supposed to be 'dynamic' but just like Windows firewall, anti-virus, and security you gotta take that with a grain of salt. Create a group named IM or something, add you and a couple of folks into it, then change your baseDN to look at that group. If you can log in, then you know it works.

Jeff

Hi,

One may track the progress of the issue here: JM-703

LG

PS @ Allxis: Don't spend your points here when you mark this question as answered, Jeff did help you much more to solve the problem than this issue does.

Thanks everyone for their help.

I eventually got LDAP to work using Jeff's method of creating a separate group and added other OU's to it. This will help us for the meantime.

Hopefully Javasoft can come up with a fix to use spaces too =)

Cheers,

-A