powered by Jive Software

LDAP integration - automatic rosters - user's gidNumber not taken into account

I have OpenFire set up with LDAP integration (OpenLDAP). It works fine, however I have the problem that, if I set OpenFire automatically add the group “Domain Users” to everybody’s roster (using “[contact list group sharing”|http://localhost:9090/group-edit.jsp?group=Domain+Users]), this group’s members do not actually show up in the roster (the group itself does).

After playing around with it for some time, I noticed that, if I explicitly add the users to the group’s “memberUid” attribute in LDAP, the users show up in the roster. However by default, the users only have this group, which is their primary group, set as their “gidNumber”, and aren’t explicitly specified in the group’s “memberUid”.

Is there a way to make OpenFire also evaluate every user’s “gidNumber”, in addition to the groups’ “memberUid”?

Not currently. Right now we have only the reverse direction. Note that in my previous job, I would have run into this as well. We didn’t populate groups like that. Only went the other direction, user entries had attributes for what groups they were a member of. Implementing this would be a tad complex, and isn’t “currently” on our roadmap, but it is something I have in my mind often primarily because it would have affected me in the past. I vaguely recall seeing an open JIRA issue for it, but I can’t find it at the moment.

Ok, thanks. For the time-being, I just explicitly added the users to their primary group. Not a big problem for me since this is a small server with less than 10 users.

But it would be great if this could be fixed in a future release. I haven’t been able to find the issue in the bugtracker either, so it would be great if you could open one.