How do I auto-fill user contact lists from Active Directory?

I have recently installed Openfire 3.5.2 and MySQL on a Windows 2003 server with the Spark client. Connecting to the server with the Spark client is a breeze, but I am being forced (every user is being forced) to manually add other users to their contacts.

How can you fill everyone’s contact lists from the pre-existing user accounts in the MySQL database and/or AD?

Thanks for your help.

Patrick

Hi Patrick,

Since you’re using AD take a look at the “Group Settings” of the LDAP Guide. Or, take a look at the Shared Groups section in the Openfire Admin Console.

Hope that helps,

Ryan

Create an AD group if it does not already exist with all AD users as members. In openfire go to the Users/Groups tab, choose the groups settings, find the group, click it, give it a share name, save it, have each person relaunch spark. If you are a member you will get the group in your roster. Large groups slow spark launch time.

I cannot access the document that is above, is it possible to relink it?

Hi,

There’s something amiss with the editor html link handling. Try this link:

http://www.igniterealtime.org/builds/openfire/docs/latest/documentation/ldap-gui de.html

Hope that helps,

Ryan

Ok, reading through the document is kind of confusing, and we have it set up a little wierd -

Users are part of a group (CorpIMUsers) which is the area we query for users -

(&(objectClass=user)(memberOf=CN=groupname,OU=ouname,OU=ouname,OU=ouname ,OU=ouname,dc=subdomainname,dc=domainname,dc=com))

We would like to use create groups in the roster with individuals being posted into each group therefore we made the group (CorpIMGroups) which is comprised of -

(&(objectClass=group)(memberOf=CN=groupname,OU=ouname,OU=ouname,OU=*ouname *,OU=ouname,dc=subdomainname,dc=domainname,dc=com))

Basically we want a controlled environment but still want ldap auth, is there any way we can adapt the above to do something like this? -

our situtation:

Joe User is in the CorpIMUsers group, when he logs in he has the ability to set his contacts, create contact groups in his roster and fill it out, he wants to add the IT indivuals to his list but doesnt have a list.

what we want:

Joe User logs in to jabber and is presented with a full list of Dept. heads and the IT helpdesk but can still add his own contacts and contact groups

you can share any LDAP group that is listed in your openfire server. The sharing default is to show the group only to members of the group. You can expand the sharing of the the group by checking the box to share with other users. see attachment.

Well, I just went and did what you showed in the picture and there still arent groups showing up at all in my contact roster… I have my roster set to show empty groups as well so the fact that they are empty shouldnt stop it…

Another question, to have someone spread and be a member of one of those groups would they have to be a member of the group in AD?

did you quit spark? are you sure the settings saved? Did you share it to a group or groups you are a member of?

did you quit spark?

yes… like 3 times

are you sure the settings saved?

yup, it says so.

Did you share it to a group or groups you are a member of?

did you look at the picture?

Im having the same issue here. Same kynd of structure using a AD integrated authentication.

I have a specific group on AD from where the Openfire loads its users: “GROUP_OPENFIRE_USERS”

sAMAccountName

memberOf=CN=GROUP_OPENFIRE_USERS, OU=Openfire, OU=SULGAS_GROUPS, OU=SULGAS, DC=sulgas,DC=rs,DC=gov,DC=br) (objectClass=organizationalPerson)

(objectClass=group)

Everything works fine, but the sharing of the contact list doesnt works for me.

At the Console > User/Groups > Users > Users Sumary, all users are listed and authenticating on AD as well.

But today I figured that At the Console > User/Groups > Groups > Groups Sumary, the group GROUP_OPENFIRE_USERS is showing that has ZERO members, but it should have 153 users.

Thats wierd, because thats my Openfire group in AD that I succesfuly use for integration.

Any clues if thats the reason the sharing shares nothing?

Does it happens to you guys or its another cascaded issue?


I think you should open a new discussion as this thread is already closed.

Ok, after snooping around with my query I am wondering if for the group query I need to cut off a part eg:

from (&(objectClass=group)(memberOf=CN=group,OU=ou,OU=ou,OU=ou,OU=ou,dc=dc,dc=dc,dc= com))

to (memberOf=CN=group,OU=ou,OU=ou,OU=ou,OU=ou,dc=dc,dc=dc,dc=com)

upon doing this in my test box it populates the groups, but i am unsure if it actually worked in the contact roster on the client.

One question for the GURUs, how does the ldap pull time out? How long between when I make a change to a query and when it takes effect?

I made it!!! Woot!

  • On openfire.xml disable que POSIX Mode: false
    Restart the Openfire.

    That made my group GROUP_OPENFIRE_USERS load with its 153 members properly.

  • At the Console > Server Manager > System Properties:

    registration.emailnotification.enabled

false

registration.group

Everybody (use here the same you set as Share Contact List group)

registration.group.enabled

true

registration.imnotification.enabled

false

registration.web.enabled

false

registration.welcome.enabled

false



Seriously people this is a closed thread if you have your own questions and concerns start your own discussion. Hijacking a thread id bad form.