Integrate Openfire with Active Directory

Sunday · January 1, 2016, 9:40pm

Hi

Happy New Year 2016!

I need help integrating OpenFire with Active Directory because when I went at step 2 of 3 (Profile Settings: User Mapping) and press the button “Test Settings” it appears the an error message (see below “Test Settings”).

Here’s a brief overview of what I did (I hope it helps to helping me):

Step 1 of 3:

Server Type: Active Directory

Host: ip_address_of_the_dc

Port: 389

Administrator DN: CN=“admin_user”,CN=Users,DC=OPEN,DC=FIRE,DC=COM

Password: pass_word

Step 2 of 3: User Mapping (where is the problem):

Username Field: sAMAccountName

Advanced Settings

Search Fields: empty

User Filter: (I’ve done the following attempts):

(&(objectClass=group)(CN=admin_user,CN=Users,DC=OPEN,DC=FIRE,DC=COM))
(&(objectClass=organizationalPerson)(CN=admin_userr,CN=Users,DC=OPEN,DC=FIRE,DC= COM))"
(&(objectCategory=person)(objectClass=user)
(&(sAMAccountName={0})(objectClass=organizationalPerson))
(objectClass=organizationalPerson)(&(objectCategory=person)(objectClass=user)(me mberOf=CN=Users,CN=Users,DC=OPEN,DC=FIRE,DC=COM)

What should I change?

Best Regards

Richard

speedy · January 2, 2016, 4:38pm

what are you using for you base dn? I recommend using the root of your domain for this.

also, for the admin account. this account is kind of misleading. This field wants an account with access to do ldap queries. If your AD security is still default, a normal domain user account will will be able to do ldap lookups. anyway. try using the account in with this format “user@domain.local”

Next, how large is your AD? do you have over 1000 items? if not, the default filter should work.

If you are wanting to try to use AD group to manage access, than take a look at this.

How to Setup Authentication Groups with LDAP/AD

Sunday · January 3, 2016, 2:02am

Hi

Thanks for the tips but unfortunately still doesn’t work.

It gives me the following messsage:

"

Test: User Mapping

A random profile is selected for you to review. Bold fields with no value mean that an error may have been found. To view another profile click ‘Next random profile’. When you are finished close this window.

Status: Error

"

For the “DN” (in step 1 of 3):

LDAP Server

Base DN: “DC=OPEN,DC=FIRE,DC=COM”

Administrator DN: “CN=admin_user,DC=OPEN,DC=FIRE,DC=COM”

Best Regards

Richard

speedy · January 3, 2016, 5:06pm

try making your admin dn user "admin_user@open.fire.com"

Sunday · January 6, 2016, 1:19am

Hi

The tip worked well but now in step 3 of 3 gives me the following error:

“Test page is not able to find required information in HTTP session.”

Configuration

Group Mapping

** Group** Field: cn

Member Field: member

Description Field: description

Advanced Settings (attempts)

a) (objectClass=group)

b) (&(memberOf=CN=admin_user,CN=Users,DC=OPEN,DC=FIRE,DC=COM))

c) (&(objectClass=group)(CN=admin_user,CN=Users,DC=OPEN,DC=FIRE,DC=COM))

d) (&(objectClass=organizationalPerson)(memberOf=CN=admin_user,OU=Users,DC=OPEN,DC =FIRE,DC=PT))

Best Regards

Richard

speedy · January 7, 2016, 1:55am

(objectClass=group) should work

it sounds like maybe a browser issue or corrupt Openfire install/database. If you are just setting this up for the first time, I would recommend starting from scratch, deleting all prev install attempts.