LDAP authentication using groups: does it work?

Hello,

I’m trying to use Openfire with LDAP. It works like a charm except when I’m trying to use groups. Here is my problem.

<host>192.168.0.1</host>

<port>636</port>

<baseDN>ou=jabber,dc=mydomain,dc=com</baseDN>

<adminDN>cn=Manager,dc=mydomain,dc=com</adminDN>

<adminPassword>mysecret</adminPassword>

<connectionPoolEnabled>true</connectionPoolEnabled>

<sslEnabled>true</sslEnabled>

<ldapDebugEnabled>false</ldapDebugEnabled>

<autoFollowReferrals>false</autoFollowReferrals>

<usernameField>uid</usernameField>

In my LDAP, I have this:

dn: ou=jabber,dc=mydomain,dc=com

objectClass: groupOfNames

objectClass: top

cn: jabber

description: user group

member: uid=my.user,ou=Users,dc=mydomain,dc=com

And then

dn: ou=Users,dc=mydomain,dc=com

objectClass: organizationalUnit

ou: Users

dn: uid=my.user,ou=Users, dc=mydomain,dc=com

objectClass: top

objectClass: inetorgperson

objectClass: person

objectClass: posixAccount

objectClass: shadowAccount

uid: my.user

mail: user@domain.com

uidNumber: 5000

userPassword: g7uZvsnCbGXiPyyUDGOxqEQZu

loginShell: /sbin/nologin

gidNumber: 5000

When I’m trying to authenticate, it doesn’t work, and I don’t know why. If someone can show me the way

If I remember right, Openfire is looking for groups to be defined differently: basically the “members” of the group in LDAP should be the usernames, not the full DNs. I’m uncertain without looking in the source if Openfire can handle the DN-style groups.

Thank you. So, if I understand correctly, I should use something like:

dn: cn=jabber,dc=mydomain,dc=com

objectClass: posixGroup

objectClass: top

cn: jabber

**userPassword: ***

gidNumber: 5000

memberUid: user1

memberUid: user2

???

Thanks for your help

PuceXcit,

That has worked for me.

Slushpupie,

It’s very strange. Is it the first solution that is working for you (the authentication with DNs), or the second with memberUid?

Thank you very much for your time

Puce

Can you please copy and paste your LDIF files and your openfire.xml, to help me find my mistake?

Thank you

Puce
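The conversion discussed in this thread (a groupOfNames entry whose members are full DNs, rewritten as a posixGroup whose memberUid values are bare usernames), as an added example that is not part of any post and is not Openfire code. The function names and the second and third member lines of the sample are assumptions constructed for illustration; the gidNumber is the one from the entry proposed above.

```python
import re

# Constructed sample: the groupOfNames entry from the question, plus two
# constructed members (a DN with a space after a comma, and a non-uid DN).
SAMPLE_GROUP = """\
dn: ou=jabber,dc=mydomain,dc=com
objectClass: groupOfNames
objectClass: top
cn: jabber
description: user group
member: uid=my.user,ou=Users,dc=mydomain,dc=com
member: uid=other.user,ou=Users, dc=mydomain,dc=com
member: cn=Manager,dc=mydomain,dc=com
"""

def parse_entry(ldif):
    """Parse one unfolded, non-base64 LDIF entry into {attr_lowercase: [values]}."""
    entry = {}
    for line in ldif.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        attr, _, value = line.partition(":")
        entry.setdefault(attr.strip().lower(), []).append(value.strip())
    return entry

def uid_from_dn(dn):
    """Return the uid value if the DN's first RDN is uid=..., else None."""
    first_rdn = re.split(r"(?<!\\),", dn, maxsplit=1)[0]  # split on unescaped comma
    attr, _, value = first_rdn.partition("=")
    return value.strip() if attr.strip().lower() == "uid" and value.strip() else None

def to_posix_group(ldif, gid_number, base_dn):
    """Build a posixGroup LDIF entry; return (ldif_text, skipped_member_dns)."""
    entry = parse_entry(ldif)
    cn = entry["cn"][0]
    uids, skipped = [], []
    for dn in entry.get("member", []):
        uid = uid_from_dn(dn)
        if uid is None:
            skipped.append(dn)      # cannot be mapped to a username: report it
        elif uid not in uids:
            uids.append(uid)
    lines = [f"dn: cn={cn},{base_dn}", "objectClass: posixGroup", "objectClass: top",
             f"cn: {cn}", f"gidNumber: {gid_number}"]
    lines += [f"description: {d}" for d in entry.get("description", [])]
    lines += [f"memberUid: {u}" for u in uids]
    return "\n".join(lines) + "\n", skipped

if __name__ == "__main__":
    text, skipped = to_posix_group(SAMPLE_GROUP, 5000, "dc=mydomain,dc=com")
    print(text)
    print("# not converted (first RDN is not uid):", skipped)
```

Members whose first RDN is not `uid` are returned in the skipped list rather than silently dropped, so group membership lost in the conversion can be reviewed.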