LDAP Authentication with freeIPA version 4.2.0

I’m having a heck of a time trying to get LDAP authentication working.

My configuration is as follows:

Openfire 4.0.1 with embeded DB

Default freeIPA install of version 4.2.0

  • default user group is ipausers
  • Created and imported a read only user with .ldif file
    dn: uid=openfire,cn=sysaccounts,cn=etc,dc=mydomain,cn=org

changetype: add

objectclass: account

objectclass: simplesecurityobject

uid: openfire

userPassword: supersecretpassword

passwordExpirationTime: 20380119031407Z

nsIdleTimeout: 0

I’m able to get a sucessful connection to LDAP and can even setup the “Read Only” admin account and then sucessfully login to Openfire with that account.

The problem is that is the only user that is able to login. It doesn’t populate the users from the correct LDAP group into openfire. Only the read only admin account gets imported as a user.

Any help getting this working properly would be greatly appreciated!

Thank you in advance.