LDAP group by user fields

Hi. We started migration from ejabberd and need little help with grouping users.

Installed last openfire server on win2003 server, sync with AD ldap.

All AD users in cn=Users.

No SecurityGroups for departments (only special, for technical reason).

But all user have “department” filed, and ejabberd can dynamicali group all user by this filed.

We try to repeat this in openfire, but without luck right now.

We start with:

ldap.groupSearchFilter - (objectClass=user)

ldap.groupDescriptionField - department

ldap.groupMemberField - cn

ldap.groupNameField - department

It show all groups, many dublicates, but no user in group.

Our point is - SecurityGroups managed manualy, and it’s booring to add every user to manualy created groups, but “department” field is mandatory, and HR must fill it for every real person.

PS sorry for my english.

The standard Openfire ldap group provider uses AD groups which must have members. That is the way it is designed to work.

If you cannot automate adding users to a group, then your other choice is to write your own custom AD group provider by extending the standard Openfire implementation.

You would need a Java developer to do that