I am currently trying to set up the Jive Messenger 2.3.0 on a Linux Enterprise server with OpenLDAP 2.0.27-20 (RPM). The LDAP server distinguishes between enabled and non-enabled users through 2 attributes (AdminStatus and ManagerStatus). Both of these attributes must be set to enabled before a user can log in or be listed during a search. Below is my LDAP config:
This configuration works great to only allow enabled users access.
The problem arises when a search is performed. To do a search for firstname.lastname@example.org works fine, but when you type a single * to get a list of all users in the LDAP tree, the client is disconnected and no users are returned.
After looking at the search plugin code, I noticed that when a search is performed, it gets a list of ALL users first, then performs a secondary lookup per user to match the search criteria. When the second lookup is performed on a disabled user, the function throws a UserNotFoundException (not because the user doesn't exist, but because the user's status attributes were not set to enable) and exits prematurely. Below are some Jive debug logs and some LDAP debug logs. Any help with a workaround would be GREATLY appreciated.
Jive Debug Log:
2005.11.28 15:09:22 Trying to find a user's DN based on their username. uid: john.doe, Base DN: ou=myOffice, o=myCommunity,dc=myDC…
2005.11.28 15:09:22 Creating a DirContext in LdapManager.getContext()…
2005.11.28 15:09:22 Created hashtable with context values, attempting to create context…
2005.11.28 15:09:22 … context created successfully, returning.
2005.11.28 15:09:22 Starting LDAP search…
2005.11.28 15:09:22 … search finished
2005.11.28 15:09:22 User DN based on username 'john.doe' not found.
2005.11.28 15:09:22 Exception thrown when searching for userDN based on username 'brendan.king'
org.jivesoftware.messenger.user.UserNotFoundException: Username brendan.king not found
at org.jivesoftware.messenger.ldap.LdapUserProvider.loadUser(LdapUserProvider.java:69)
at org.jivesoftware.messenger.user.UserCollection$UserIterator.getNextElement(UserCollection.java:94)
at org.jivesoftware.messenger.user.UserCollection$UserIterator.hasNext(UserCollection.java:57)
LDAP Debug log: (names have been changed to protect the innocent)
Nov 28 15:16:26 dev1 slapd: conn=4121 op=50 SRCH base="ou=ou=myOffice,=myCommunity,dc=myDC" scope=2 filter="(mail=*)"
Notice that the custom filter is not applied above.
Nov 28 15:16:27 dev1 slapd: conn=4121 op=54 SRCH base="ou=myOffice,=myCommunity,dc=myDC" scope=2 filter="(&(uid=john.doe)(jasiAdminStatus=enabled)(jasiManagerStatus=enabled))"
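
Added example (not part of the original post, and not Jive Messenger's code): a self-contained Python model of the mismatch described above, where enumeration uses a broader filter than the per-user lookup, next to two ways to keep the listing from aborting. The directory entries, function names and the in-memory `search` stand-in are assumptions; only the attribute names and filter shapes come from the slapd log.

```python
# Added illustration, not Jive Messenger code. DIRECTORY is constructed sample data.
STATUS = {"jasiAdminStatus": "enabled", "jasiManagerStatus": "enabled"}
DIRECTORY = [
    {"uid": "john.doe", "mail": "john.doe@example.org", **STATUS},
    {"uid": "jane.roe", "mail": "jane.roe@example.org",
     "jasiAdminStatus": "enabled", "jasiManagerStatus": "disabled"},
    {"uid": "sam.poe", "mail": "sam.poe@example.org", **STATUS},
]
class UserNotFound(Exception): pass

def escape(value):
    """Escape filter special characters per RFC 4515."""
    table = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\0": r"\00"}
    return "".join(table.get(ch, ch) for ch in value)

def to_filter(terms):
    """Render an AND of terms as a filter string; the value "*" means presence."""
    parts = [f"({k}={'*' if v == '*' else escape(v)})" for k, v in terms.items()]
    return parts[0] if len(parts) == 1 else "(&" + "".join(parts) + ")"

def search(terms):
    """Hypothetical stand-in for a subtree search over DIRECTORY."""
    return [e for e in DIRECTORY
            if all(k in e and (v == "*" or e[k] == v) for k, v in terms.items())]

def load_user(uid):
    """Second lookup: uid plus the status terms, as in the last slapd line."""
    hits = search({"uid": uid, **STATUS})
    if not hits:
        raise UserNotFound(uid)
    return hits[0]["uid"]

def list_naive():
    """Enumerate with (mail=*) only; the first disabled entry aborts the listing."""
    return [load_user(e["uid"]) for e in search({"mail": "*"})]

def list_filtered():
    """Enumerate with the status terms ANDed in, so every hit can be loaded."""
    return [load_user(e["uid"]) for e in search({"mail": "*", **STATUS})]

def list_tolerant():
    """Keep the broad enumeration but skip entries the second lookup rejects."""
    users = []
    for entry in search({"mail": "*"}):
        try:
            users.append(load_user(entry["uid"]))
        except UserNotFound:
            continue
    return users
```

`to_filter` shows the filter string each variant would send; `list_filtered` keeps disabled accounts out of the result at the directory, while `list_tolerant` still transfers them and drops them client-side.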