I’ve seen this question asked a few times. “How can I used my AD roster groups for user authentication?” I beleive I have found the solutions.
for this example I’ll be using the following:
AD domain = AD-DOMAIN.local
access group = Openfire Access Group
roster groups = _IM Group1, _IM Group2
(*note - I’ll be using _IM as part of a wildcard search, so all my groups start with _IM for that reason)
First create your security groups:
Create a Domain Local Security Group. In our example call it Openfire Access Group and place it in the user container.
Created regular security groups, in our example _IM Group1 and _IM Group2.
Make _IM Group1 and _IM Group2 members of the Openfire Access Group
Add your users to the _IM groups
(include your openfire admin account, or make it a member of the Openfire Access Group )
Next, set your system properties in openfire:
(&(objectclass=organizationalPerson)(|(memberOf:1.2.840.1135220.127.116.111:=CN=Open fire Access Group,CN=Users,DC=AD-DOMAIN,DC=local)))
That should do it. I hopes this helps someone! Please let me know if you have any problems or if I missed something!