
Ldap groups from different tree in ldap server

When setting up LDAP for use in Openfire, it prompts you to add a base LDAP entry for users and groups. Our groups are held in a different part of the LDAP tree; is it possible to tell Openfire to look in a different area for our group information?

If your base is set to the root of the tree and both containers are on that tree, then you should be able to specify something like this:

<groupNameField>cn</groupNameField>

<groupMemberField>member</groupMemberField>

<groupDescriptionField>description</groupDescriptionField>

<groupSearchFilter>((CN=*))</groupSearchFilter>

It works in my Active Directory search; your mileage may vary…

If there is a higher OU that contains both the Users and Groups OUs, make that your Base DN. If not, you could use the tree as your base (this is not the best option), or modify the structure of your domain to have a tree that will work for your deployment. It is always better to have a manageable tree, in my opinion. I reorganized my tree when we started using LDAP integration more widely. The other pitfall to be wary of is empty groups. They will cause all sorts of errors in your logs. My tree now has a Base DN that works well with LDAP query, and all other groups are outside of this DN.
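The Base DN advice in the replies above, worked as an added example that is not part of the original thread: a small Python helper that finds the deepest container shared by the user and group DNs and reports when that container is only the domain root. The function names and the sample DNs are constructed for illustration, and RDNs are compared case-insensitively as an assumption that suits typical `ou`/`dc`/`cn` attributes.

```python
def split_dn(dn):
    """Split a DN into RDNs, treating a backslash-escaped comma as data."""
    rdns, cur, i = [], [], 0
    while i < len(dn):
        ch = dn[i]
        if ch == "\\" and i + 1 < len(dn):
            cur.append(dn[i:i + 2])  # keep the escape pair intact
            i += 2
            continue
        if ch == ",":
            rdns.append("".join(cur).strip())
            cur = []
        else:
            cur.append(ch)
        i += 1
    rdns.append("".join(cur).strip())
    return [r for r in rdns if r]


def common_base_dn(*dns):
    """Return the deepest DN that is an ancestor of (or equal to) every input."""
    split = [split_dn(d) for d in dns]
    common = []
    # Walk from the root (rightmost RDN) towards the leaves.
    for rdns in zip(*(reversed(s) for s in split)):
        if len({r.lower() for r in rdns}) != 1:  # assumption: case-insensitive
            break
        common.append(rdns[0])
    return ",".join(reversed(common))


def suggest_base(users_dn, groups_dn):
    """Return (base_dn, at_root); at_root is True when only DC components are shared."""
    base = common_base_dn(users_dn, groups_dn)
    at_root = all(r.lower().startswith("dc=") for r in split_dn(base))
    return base, at_root


if __name__ == "__main__":
    # Constructed sample containers, not taken from the thread.
    samples = [
        ("OU=Users,OU=Chat,DC=example,DC=com", "OU=Groups,OU=Chat,DC=example,DC=com"),
        ("OU=Staff,DC=example,DC=com", "OU=Groups,DC=example,DC=com"),
    ]
    for users, groups in samples:
        base, at_root = suggest_base(users, groups)
        note = "whole tree as base; consider a shared parent OU" if at_root else "shared OU"
        print(f"{base or '(no common ancestor)'}  <- {note}")
```
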