powered by Jive Software

LDAP - limiting # of users

Right now Openfire 3.7.1 is setupt o bring in all the objects in LDAP (some 75,000). This makes managing users and groups impossible (too slow). In reality, only a hundred or so users will use Openfire, so I’d like to make a group of specific chat users.

Is there anyway I can make Openfire ONLY pull in users from a specific group, say ‘ChatUsers.Groups.Department.Company’ ?

Thanks

Jon

Try using member-of in your LDAP query by modifying the system property ldap.searchFilter. This page http://bit.ly/9ZhT7q shows example queries. (Note: when constructing your search query, keep in mind that the LDAP code automatically adds (&( to the beginning, and )) at the end, so your new property value should look something like: objectClass=organizationalPerson)(memberof=CN=ChatUsers,OU=Groups,OU=Department,DC=Company,DC=com)

Hope that helps!

Jeff

EDIT: In case you didnt read the StackOverflow article I linked, here’s an important note:

[member-of] does not handle nested memberships, e.g. User A is member of Group A which is member of Group B - that fact that User A is really a member of Group B as well doesn’t get reflected here.

Thanks! You got me on the path to how to fix it. I fubared my config (somehow), so I started over.

During setup I ended up putting the following line in the User & Search boxes under advanced in the User Setup.

(&(cn=*)(groupMembership=cn=ChatUsers,ou=Groups,ou=department,o=university))

This did the trick.