powered by Jive Software

Multiple Groups Support after AD Integration

Hii All,

I have installed Openfire Version 3.6.3 & Integrated it with Active Directory successfully. It only shows only one group, which I have specified as OU=“Group1”,DC=“domain”,DC=“com” . now, I can see the users only from Group1 only extracted from AD server. Using Spark client these users are searchable & they can chat each other.

Now our requriement is there should be multiple groups(AD or IM DB) . Whenever a user login[IM Client] it should automatically sliced to their respectice groups & can only in that group


Finance Group

HR Group

Contractors Group

Now Finance Group members when login should not be able to view/chat with Contractor group members & so on.

Is there a way can create such groups after AD integrations?

Any pointer/help in this regard would be greatly appreciated.



Maybe Packet Filter plugin can help here.

First you are confusing AD groups (CN) with AD organizational units (OU).

An OU is not a group, it is only an organizational structure meant to hold other created objects (user containers, group conatainers or other OUs holding containers).

A container is any created user, group (security or distribution) or resource. Containers should be organized within OUs.

With all that said, you need to change your ldap BaseDN you set in openfire to not look at a specific OU. Then create the specific Security Groups you would like to use with openfire in AD. These groups can then be shared to via Openfire to group members and other users: http://www.igniterealtime.org/community/docs/DOC-1619

Sample AD structure used for LDAP: