I’m trying to setup Openfire 4.0.2<->LDAP interaction, almost everything works fine except group filtering. I see no group filtering rule in Administration Web Console (there is ldapsearch filter but for users only). I have found in docs that there is a ldap.groupSearchFilter option - but can’t understand exactly how to use it. This document has an example on how to implement such a filtering by using openfire.xml. But this example isn’t really clear for me - in my understanding Openfire setup divided into 2 parts: one is openfire.xml and another keeps somewhere else (other configuration files or in DB) and openfire.xml doesn’t contain settings mentioned in Web Console so I final configuration is an aggregation of these 2 (or more than 2) parts.
I’ll be appreciated if somebody could put some light on how to impolement LDAP Group filtering. I’d like to filter group - not all groups available in LDAP Directory are really needed in Openfire.
Right now I see that I have to add ldap.groupSearchFilter option into openfire.xml. But there are other settings included in mentioned example - should I add these settings as well? If I’m right thinking that final config is an aggregation of openfire.xml+something_else and keeping in mind that I already adjusted other LDAP related settings by Web Console, will such addition break my configuration or not? From my experience: for some systems if you have same settings adjusted in a config file and in a DB, config file might override same option. Openfire works like that or not?