powered by Jive Software

Ldap Multiple Group Filter

I am currently running Openfire 3.6.3 using an Opendirectory on OSX server 10.4 for ldap authentication with a bunch of groups.

I have been successful in filtering a single group into Openfires Groups using the ldap.groupSearchFilter with value: “(&(apple-group-realname= All Users Group)(objectClass=posixGroup))” and that works great but only that single group is imported.

Is there a way to filter multiple groups into Openfire I would like to import only 10 of the 50 groups we currently have in our directory?

You could add a special token to the groups you want to pull in by adding a special phrase to, say, the “info” field and then you can change your filter to something like:

(&(objectClass=posixGroup)(info=specialKey))

In this filter I’ve called the special phase “specialKey” but you can use any word really. This will only work if you’re not already using that field for something else.

You can use a wildcard to specify the group name:

“(&(apple-group-realname=OF*)(objectClass=posixGroup))”

This will show all groups that start with OF.

Are you trying to limit the nuber of groups that show or the users that have access to use chat?

Your suggestion worked, I should have figured that out.

On our osx 10.4 opendirectory server I can insert in the comment field “openfire” then in the ldap.groupSearchFilter I can use (&(description= openfire)(objectClass=posixGroup)) to filter all the groups I would like into openfire.

Thanks for the help!