Multiple Domains

Chris_Neal · January 26, 2007, 8:24pm

We have an active directory with Three Domains… (One is the parent domain. i.e. abcompany.com)

The other two are child domains… na.abcompany.com and eaap.abcompany.com. I can install a Wildfire server for each domain not a problem… However, I can not get the search to span both domains. Or even give me an option to add a server to the drop down… Am I doing something wrong.

IGA14302 · March 1, 2007, 12:56pm

I am also facing a similar situation

The AD is setup as xyz.com with two domains us.xyz.com and in.xyz.com

when I configure Wildfire to query xyz.com, I do not get any list of users, whereas it works for querying in.xyz.com

so I need to configure one server each for in.xyz.com and us.xyz.com

then case, the JIDs would also differ though all users are working for xyz.com and there would not be a standard JID like username@xyz.com

I have also not tried out the server to server communication between in and us and need suggestions on it

Is there any solution / workaround setup for such environments?

W_Andrew_Loe_III · March 1, 2007, 6:01pm

Set up different Wildfire servers for each tree, and then enable server-to-server. This will also have the benefit of having JIDs that are more appropriate. sam.johnson@na.yourcompany.com messaging tony.blair@uk.yourcompany.com

Bill1 · March 15, 2007, 3:49pm

I have a solution, try this…

<host>GLOBAL CATALOG SERVER</host>

<baseDN>dc=FORSETROOT;dc=com</baseDN>

and…

if you allowed users to have the same SAM account names in multiple domains, you will have a problem. You can change to use the user’'s email or UPN, but thats your call. The key is to query the GC, on port 3268 and NOT ldap on 389.

Chris_Neal · March 15, 2007, 6:52pm

Success!!! Yeah! Tried the Port 3268 instead of 389 (Note: all of our Domain Controllers are Global Catalog Servers (Note: http://technet2.microsoft.com/WindowsServer/en/library/24311c41-d2a1-4e72-a54f-1 50483fa885a1033.mspx?mfr=true for explaination of Global Catalog Server Operation)

This did Slow down the Authentication Time… But not a lot…

However, now I get an error whenever I perform a Search from Spark Client… (Maybe it needs to allow more time for the AD search?)

P.S. I upgraded to 3.2.2 of Wildfire and 1.3.0 of the Search Plug-in… No change Still dies…

Message was edited by: cneal

Bill1 · March 15, 2007, 6:56pm

Well, can you post the message? Does Wildire/Openfire show anything in the same time frame?

Chris_Neal · March 15, 2007, 6:57pm

Spark Client says unable to contact search service.

Found a better article on Searching the Global Catalog. (Just for Reference)

http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/distrib/dsbc _nar_bsad.mspx?mfr=true

Message was edited by: cneal

Bill1 · March 15, 2007, 7:13pm

Are you able to search from within wildfire?

admin console -> user groups tab - > User search

Does this work?

Do you have the search pluggin installed?

is it enabled? admin console -> server tab -> search properties

Ryan_Graham · March 15, 2007, 7:20pm

Hi Chris,

If you do have the search plugin installed, what version is it? There is a problem with version 1.3.0 and LDAP so you’'ll want to upgrade to 1.3.1 which you can find attached to this post.

Thanks,

Ryan

Chris_Neal · March 15, 2007, 7:21pm

Yes… Search at the server works… Just not from SPARK…

Yes… The plug-in is installed and enabled… (v1.3.0)

Chris_Neal · March 15, 2007, 7:26pm

That fixed it… YEAH!

julenisse · July 5, 2007, 2:10am

hi cneal,

i would like to know how do you go about on solving this issue? able to provide some step by step kinda of guide for me?

i had read the previous thread saying you could either

do a server-to-server configuration or
using the following codes:

but i cant understand what i am supposed to do in the first step or where am i supposed to place the codes listed in step 2.

had read http://wiki.igniterealtime.org/display/WILDFIRE/Server+to+Server+HowTo but i am juz not a techincal person.

any help is appreciated. thanks

Darren_Sykes · July 5, 2007, 6:44am

That’‘s really strange - I’‘ve been using that config for about 10 months now (4 domains, 1 forest) with a single server and the user search from Spark is fine so it’'s definately possible.

julenisse · July 5, 2007, 8:35am

managed to solve the problem.

thanks for the reply.

here’'s my solution

Message was edited by: julenisse

Darren_Sykes · July 5, 2007, 12:16pm

That’'s not really the same thing; I have 1 openfire server serving 4 Windows AD Domains.

If you were to use a server for each domain, then that’'s just a standard 1 server to 1 domain setup with multiple jabber domains.

julenisse · July 6, 2007, 12:51am

DeeJay wrote:

That’'s not really the same thing; I have 1 openfire server serving 4 Windows AD Domains.

If you were to use a server for each domain, then that’'s just a standard 1 server to 1 domain setup with multiple jabber domains.

currently, i am doing a test on both environments which you had mentioned.

so far, i had managed to solve the 1 server to 1 domain setup.

able to strike some light on how to go about on configuring 1 sever to many window domains?