I am in a school setting and have LDAP (Active Directory) working. The problem is my OU structure is based on my building layout. I have an OU for each building. Within each building OU, I have 2 OU’s - one for Staff and one for Students. When I set my baseDN to search the entire domain structure, I get students and staff. I want staff only. I can use the alternateBaseDN to limit search to a building staff OU, but it doesn’t appear to allow multiple alternateBaseDN’s. Which limits me to only 2 groups of building users. My question: Is there a way to use multiple alternateBaseDN’s or a way to include a group membership in the ldap.searchFields entry?
Thanks in advance for any help. I just discovered OpenFire yesterday. It was a breeze to setup. Just this one glitch so far.
Might I suggest creating a group that all staff members belong to. Then use a user filter to limit openfire to users of that group. An example of that filter would be:
Thanks. I do have an all-staff group. I’m not sure I understand all of the syntax/keywords. What is CDATA? Do I leave this and just change the DC and group names?
This is a filter you can manually add to your openfire.xml file. You would need to stop the openfire server first then edit this file then start the server again.