LDAP info/vCard is not mapping the correct fields

Hi, very newbie questions, but I have just put up a new Openfire server and am testing it right now.

  • So far I chose the LDAP integrated installation and at user info mapping I just removed the fields under personal/home to avoid everyone seeing each other's (for some people) personal information such as home number etc. But it seems it is mapping the wrong fields, since the Spark client is showing the personal information for each user under the business part. Any way to correct this - or have I done something wrong?

  • If I want to allow the users access to the system from the outside, the only necessary ports to open are 5222 and 7777, right? And if I just point the client to the IP/DNS of the external domain, the Spark client detects the open ports itself?

  • Isn’t it possible to allow screen captures or file transfers to other gateway clients such as MSN? And if there isn’t, is there any way to disable the tabs when they speak to those clients, because a lot of people are confused because of this?

  • Is it a security risk not using SSL or something when connecting to the system from outside the firewall (because of LDAP authentication)?

You did not specify what you are using for an LDAP server. If you are using Active Directory then:

  • this would be your Vcard mappings without home info:
{sn} {givenName} {mail} {displayName} {displayName} image/jpeg {jpegPhoto} {postOfficeBox} {l} {st} {postalCode} {c} {telephoneNumber} {mobile} {pager} {facsimileTelephoneNumber} {title} {wWWHomePage} {company} {department}
  • If you want external access then the server should be named with an external Fully Qualified Domain Name (i.e. chatserver.domain.com). Use this address internally and externally. Then open just the ports you wish to access externally. I would say 5222, 5223, 7777.
  • Screen captures and file transfers are not possible at this time to external gateways. I do not know of a way to disable this feature for gateways. You need to contact Daniel Henninger, the creator of the plugin.
  • There is always a security risk. By default Spark wants to use secure connections if available, which is why I said to allow that port. Make sure you have Openfire configured to allow secure authentication. Openfire creates its own self-signed certs for this purpose.
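
The mapping question above, as an added example that is not part of the original posts or of Openfire: a check that parses a vCard mapping template and reports which LDAP attributes are published under home, work, or unmarked address/phone entries, and which private attributes are still exposed. The sample template, the `PERSONAL_ATTRS` set and the function names are assumptions made for illustration; the element layout follows XEP-0054 (vcard-temp).

```python
import re
import xml.etree.ElementTree as ET

NS = "{vcard-temp}"
PLACEHOLDER = re.compile(r"\{([A-Za-z][A-Za-z0-9-]*)\}")
# Assumption: LDAP attributes this deployment treats as private.
PERSONAL_ATTRS = {"homePhone", "homePostalAddress"}

# Constructed sample in XEP-0054 (vcard-temp) layout, not the poster's mapping.
# {homePhone} sits under a WORK phone entry to reproduce the reported symptom.
SAMPLE_TEMPLATE = """
<vCard xmlns="vcard-temp">
  <N><FAMILY>{sn}</FAMILY><GIVEN>{givenName}</GIVEN></N>
  <EMAIL><INTERNET/><USERID>{mail}</USERID></EMAIL>
  <ADR><WORK/><LOCALITY>{l}</LOCALITY><PCODE>{postalCode}</PCODE></ADR>
  <ADR><HOME/><STREET>{homePostalAddress}</STREET></ADR>
  <TEL><WORK/><VOICE/><NUMBER>{telephoneNumber}</NUMBER></TEL>
  <TEL><WORK/><CELL/><NUMBER>{homePhone}</NUMBER></TEL>
  <TEL><CELL/><NUMBER>{mobile}</NUMBER></TEL>
</vCard>
"""

def audit_mapping(template):
    """Group the template's LDAP attributes by the vCard scope they are mapped to."""
    report = {"home": [], "work": [], "unscoped": [], "other": []}
    for child in ET.fromstring(template):
        attrs = [a for el in child.iter() for a in PLACEHOLDER.findall(el.text or "")]
        if child.tag not in (NS + "ADR", NS + "TEL"):
            scope = "other"            # not an address or phone entry
        elif child.find(NS + "HOME") is not None:
            scope = "home"
        elif child.find(NS + "WORK") is not None:
            scope = "work"
        else:
            scope = "unscoped"         # address/phone entry with neither marker
        report[scope] += attrs
    return report

def personal_exposures(report, personal=PERSONAL_ATTRS):
    """Return (attribute, scope) pairs for private attributes still published."""
    return sorted((a, s) for s, attrs in report.items() for a in attrs if a in personal)

if __name__ == "__main__":
    report = audit_mapping(SAMPLE_TEMPLATE)
    for scope, attrs in report.items():
        print(f"{scope:9}: {', '.join(attrs) or '-'}")
    print("private attributes published:", personal_exposures(report))
```

An empty result from `personal_exposures` means none of the listed private attributes appear anywhere in the template, whatever section a client would display them under.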