LDAP set to root of directory fails

Jbox · November 6, 2009, 11:02pm

OpenFire v3.6.4

LDAP server eDirectory

In the LDAP config you are asked for a base DN (O=container1), and you can define alternate in the config file (O=container2). I have that working and see users in both base and alternate. The problem is the structure of my directory, I have many organization containers under the root so I would need a way to define 20 alternates (O=container3…4…5…20) - or a way to simply start at the root. With every other LDAP enabled application I simply set the base DN to the root and it is able to search all the sub-containers. I tried setting Openfire base DN to the root and it never works, it will not take a blank entry (O=) and it will not take the eDirectory default which is T=. I can not use LDAP if Openfire is not able to search all containers for users. Any thoughts?

Jbox · November 6, 2009, 11:23pm

A side note about the way eDirectoy looks from LDAP browser

If in eDirectoy I have the following directory structure it appears this way in LDAP;

[eDirectoy]

TreeName

sub-org1 under tree name

sub-org2 under tree name

sub-of-org2 under sub-org2

[LDAP]

T=TreeName is a valid baseDN (but does not work in Openfire)

O=sub-org1 is a valid basDN

OU=sub-of-org2,O=sub-org2 is a valid baseDN

It is common to have many sub-orgs directly under the TreeName, often they are office location names or department names - users in each sub-org.