I have a strange issue that I either don’t know how to search for, or can’t find anything related to. I have single sign-on up and working with Active Directory, OpenFire 3.6.3, only 13 users right now, all using Spark 2.5.8. This is part of a planned larger deployment on Citrix servers for thin clients in testing still.
Now the strangeness: I have a user who has worked for the company twice in the same position, old user name first initial, last name, new user name first initial, last name, then the number 2; flast and flast2.
The old user account in AD is only a member of Domain Users
The new user account in AD is a member of a global security group created for OpenFire, SSSpark for short among others.
The user filter I am using is set to only members of the AD group ‘Published’, containing all active users; (memberOf=CN=Published,OU=Our_ Users,DC=domain,DC=com)(objectClass=user).
The group filter is set as (|(CN=SSSpark)) with more groups to be added later in deployment. This was to avoid headaches as our AD is set up unusually for this use.
BaseDN is DC=domain,DC=com
In web admin, under the users list I see the entire company’s active users. The only listing for this particular user is flast2, which is correct.
In the edit group members listing for SSSpark group, it shows everyone by their domain login name except the user stated, who is showing as firstname.lastname@example.org with the * by it, which says at the bottom “* Note: Remote users or entities should accept presence subscriptions automatically”