I followed the post here: http://community.igniterealtime.org/message/204225
That allows me to use both the database and my LDAP tree. But I see two weird issues.
Here are my settings:
provider.auth.className = org.jivesoftware.openfire.auth.HybridAuthProvider
- provider.user.className = org.jivesoftware.openfire.auth.HybridUserProvider
- hybridAuthProvider.primaryProvider.className = org.jivesoftware.openfire.ldap.LdapAuthProvider
- hybridAuthProvider.secondaryProvider.className = org.jivesoftware.openfire.auth.DefaultAuthProvider
- hybridUserProvider.primaryProvider.className = org.jivesoftware.openfire.ldap.LdapUserProvider
- hybridUserProvider.secondaryProvider.className = org.jivesoftware.openfire.auth.DefaultUserProvider
1A) For provider.user.className
If I set that to "org.jivesoftware.openfire.auth.HybridUserProvider", I can add new users to the database via the UI. However the LDAP users do not appear (even though everyone can login just fine).
1B) In this mode I can also see any logged in LDAP users.
1C) In this mode I can delete an LDAP user, even though I have read only access to the LDAP tree. It doesn't delete the LDAP user fro teh tere, but it removes all Openfire data including rosters for that user.
2.) If I set provider.user.className to: "org.jivesoftware.openfire.ldap.LdapUserProvider", then I can see the LDAP users but I cannot see the database users.
Has anyone seen this behavior?
Or does anyone have it working correctly?