So if I want all my users in Openfire … what would my DN be? The Admin would be one of the users in one of those areas … would it be better to specify a separate , “dedicated” AD account for ADMIN?
admin dn is just an account that has rights to do ldap lookups. This should be a non privileged account. by default by default any domain user account has access to do ldap lookups…
So each (some) of the “City” OUs has a USERS OU … and some have OUs for machine accounts … generic ones used for special functions … anyway to filter those out ? Also, lets say Chicago does not want to join the IM party … can you filter them?
create a DOMAIN local security group call IM Access Group and place it in your USER container under the root of your domain. Add users t…then use the following search filter.