LDAP (AD) authentication and ability for user to select their own nickname

Matthew_Monteleone · April 23, 2007, 7:40pm

We have openfire configured to use Active Directory for authentication, which is working fine.

One fairly major problem is that we can not find a way for Spark users to set their own nickname, since the vcard is read only. This is pretty important because we use the nickname (display name) to quickly indicate what support groups, etc., that a user is a part of. This changes often and needs to be set by the user.

Is there any way to use LDAP authentication but allow the user to set their own display name on the client?

Matthew_Monteleone · April 23, 2007, 8:05pm

Does this post contain the answer maybe?

http://www.igniterealtime.org/forum/thread.jspa?messageID=142969&#142969

So, this would let LDAP handle authentication, but vcards will be handled by the database?

In this case, I have some follow up questions

Is there anyway to just have LDAP fill the vcard first time, then make read-write?
Why is the nickname field not used in the display name? As far as i can see only the First Name field in the profile is used, or is this configurable somewhere?

Matthew_Monteleone · May 5, 2007, 10:38pm

answered my own questions.

no there is currently not a way to write this nickname info in.
roster name is always the alias the user gives when adding.

Matthew_Monteleone · May 5, 2007, 10:39pm

answered my own questions

Darren_Sykes · May 6, 2007, 9:02am

To attempt to (re)answer your questions:

You’‘re correct. You either map your VCARD with AD or you don’‘t so it’'s not possible to only do certain fields. Another way to do this would be to:

a) Create a new attribute (or use an existing one) in AD for storing the information

b) Setup Openfire so it maps the field to whichever field you need in the their VCARD

c) Set permissions in AD so that the user can modify their own information (Self -> Write)

d) Knock up a quick web page to allow users to change their own details (about 10 lines of code in .ASP using ADSI)

You can change the VCARD mappings (to make their nickname equal to their AD DisplayName or whatever). We do this currently. However, in Spark when adding a user to the roster, it suggests their JID as their displayname. if you manage the roster using groups, contacts will appear in the roster added using their names as defined in the VCARD.

It’'s also worth noting that this is considered an issue, and may be fixed soon: http://www.igniterealtime.org/issues/browse/JM-460

Message was edited by: DeeJay