
Integration with LDAP accounts that have email addresses as UIDs

Hi all :) I have an LDAP setup that uses full email addresses as the UID because it was originally configured to support postfix/dovecot in a multiple virtual domain / virtual user setup. However, when I try to use this configuration in Openfire I have a problem:

If I try to use the full UID as the user’s login, this appears to work and I can test the LDAP setup and retrieve records, but then when I try to enter an admin account name, I get the following error:

java.lang.IllegalArgumentException: Illegal JID: r.s.goldsmith@far-blue.co.uk@far-blue.co.uk

I assume this is because Openfire is automatically adding the jabber domain to the end of the username string.

If, however, I just enter the first part of the username (assuming Openfire will automatically add the ‘@far-blue.co.uk’ bit) I get an error informing me the LDAP user was not found.

If I try to filter the usernames by modifying the uid search string to include the ‘@far-blue.co.uk’ bit automatically (which, in theory, could allow a jabber user to log in with just the bit before the @ - and also has the advantage of filtering out users linked to different domains) using a uid string like:

(uid={0}@far-blue.co.uk)

The LDAP check doesn’t fail but it also doesn’t show any records (it shows an empty ‘success’ screen with no values).

Anyone have any ideas how I could configure Openfire to work with my LDAP setup? Is the only option to add a new node to all the users with a jabber id value (which would be a shame as it seems messy to me)?

Thanks in advance!

Robert

(server config: Ubuntu 8.04 LTS server)

You need to escape the first @ symbol so you do not get that error.

Escaping the @ at which point, using which escape sequence, will fix which error? HTML escaping? LDAP escaping? In the LDAP string? In the username supplied as an admin user? Fixes the admin user Java error or the lack of displayed results in the LDAP test?

In theory, you should be able to escape the ‘@’ sign in your uid, so if your uid was jon.doe@company.com, you could enter jon.doe\40company.com.

This allows you to add the user, but if you then try to test it (while still in the Setup UI), it won’t work.

Ignore this error though, and finish the setup. You should find that you can log in to the Admin Console by entering jon.doe@company.com (i.e. not escaped).

Hope this helps.
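
Added example (not part of the original thread and not Openfire's own code): the \40 form used above is the JID escaping defined in XEP-0106, and this sketch applies it to the LDAP uids quoted in the thread to show why the unescaped admin name yields a JID with two @ signs. The function names are hypothetical.

```python
import re

# XEP-0106 escape table: each character that is not allowed in the node
# (local) part of a JID is written as a backslash plus two hex digits.
_ESCAPES = {
    " ": "\\20", '"': "\\22", "&": "\\26", "'": "\\27", "/": "\\2f",
    ":": "\\3a", "<": "\\3c", ">": "\\3e", "@": "\\40",
}
_CODES = "20|22|26|27|2f|3a|3c|3e|40|5c"
# A literal backslash only needs escaping (as \5c) when the two characters
# after it would otherwise be read as one of the escape sequences.
_AMBIGUOUS_BACKSLASH = re.compile(r"\\(?=" + _CODES + ")")
_ESCAPED = re.compile(r"\\(" + _CODES + ")")


def escape_node(uid: str) -> str:
    """Turn an LDAP uid into a valid JID node (hypothetical helper)."""
    if uid != uid.strip(" "):
        # XEP-0106: an escaped node must not begin or end with \20.
        raise ValueError("uid must not start or end with a space")
    protected = _AMBIGUOUS_BACKSLASH.sub(lambda m: "\\5c", uid)
    return "".join(_ESCAPES.get(ch, ch) for ch in protected)


def unescape_node(node: str) -> str:
    """Recover the original uid, e.g. to look the user up in LDAP."""
    return _ESCAPED.sub(lambda m: chr(int(m.group(1), 16)), node)


def naive_bare_jid(uid: str, domain: str) -> str:
    """What happens when the domain is appended to the raw uid."""
    return f"{uid}@{domain}"


def bare_jid(uid: str, domain: str) -> str:
    """Bare JID built from the escaped uid: exactly one '@' separator."""
    return f"{escape_node(uid)}@{domain}"


if __name__ == "__main__":
    uid, domain = "r.s.goldsmith@far-blue.co.uk", "far-blue.co.uk"  # from the thread
    print(naive_bare_jid(uid, domain))   # two '@': the "Illegal JID" in the error
    print(bare_jid(uid, domain))         # one '@': node is r.s.goldsmith\40far-blue.co.uk
    print(unescape_node(escape_node(uid)) == uid)
```

The LDAP search filter is a separate layer: `@` has no special meaning in an LDAP filter, so the \40 form belongs only where a JID node is expected.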