My current setup:
Openfire (latest version, Linux) running with read access to OpenLDAP.
I cannot change the contents of the OpenLDAP server because the LDAP server gets populated by another system.
The LDAP contains (among other stuff): ou=People and ou=Group
Base DN used in Openfire is Domain, Top-Level-Domain
“Group” contains several groups. ldap.groupNameField = cn
Openfire uses “users” group. This group contains all user names in the field “memberUid” as a list. ldap.groupMemberField = memberUid
Since the base DN is so broad, I use a filter: ldap.groupSearchFilter = (cn=users)
This gives me a group roster in Openfire which contains all users in the “users” group. These are all people in my company.
So far, so good.
What I want to do:
I want to have different group rosters for each branch office. So, separate group rosters for people from New York, from Berlin, from Paris… You get the idea.
The only place where this information is stored is in ou=People.
Every uid (every person) contains a field “location”.
The big question:
How should I configure Openfire in order to read the LDAP in a way that it creates group rosters for every location?