Openfire 3.5.2 not showing any groups from 2k3 Server

Hello all,

I am trying to setup a new server for use by our company. I have Openfire installed and am able to login to the Admin portion of the site, however I do not see any groups when I log in, nor in the administration side. When I try to create a Group it tells me “Error creating the group. Please check your error logs”. When I look at the error logs here is what I see:

at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:726)
at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:405)
at org.mortbay.jetty.handler.ContextHandlerCollection.handle(ContextHandlerCollect ion.java:206)
at org.mortbay.jetty.handler.HandlerCollection.handle(HandlerCollection.java:114)
at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at org.mortbay.jetty.Server.handle(Server.java:324)
at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:505)
at org.mortbay.jetty.HttpConnection$RequestHandler.content(HttpConnection.java:843 )
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:648)
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:211)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:380)
at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:395)
at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:488)
2008.07.28 16:05:59 [org.jivesoftware.openfire.admin.group_002dcreate_jsp._jspService(group_002dcre ate_jsp.java:129)
]
java.lang.UnsupportedOperationException
at org.jivesoftware.openfire.ldap.LdapGroupProvider.createGroup(LdapGroupProvider. java:68)
at org.jivesoftware.openfire.group.GroupManager.createGroup(GroupManager.java:178)
at org.jivesoftware.openfire.admin.group_002dcreate_jsp._jspService(group_002dcrea te_jsp.java:106)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:97)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:487)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.ja va:1093)
at com.opensymphony.module.sitemesh.filter.PageFilter.parsePage(PageFilter.java:11 8)
at com.opensymphony.module.sitemesh.filter.PageFilter.doFilter(PageFilter.java:52)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.ja va:1084)
at org.jivesoftware.util.LocaleFilter.doFilter(LocaleFilter.java:66)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.ja va:1084)
at org.jivesoftware.util.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingF ilter.java:42)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.ja va:1084)
at org.jivesoftware.admin.PluginFilter.doFilter(PluginFilter.java:70)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.ja va:1084)
at org.jivesoftware.admin.AuthCheckFilter.doFilter(AuthCheckFilter.java:99)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.ja va:1084)
at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:360)
at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181)
at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:726)
at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:405)
at org.mortbay.jetty.handler.ContextHandlerCollection.handle(ContextHandlerCollect ion.java:206)
at org.mortbay.jetty.handler.HandlerCollection.handle(HandlerCollection.java:114)
at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at org.mortbay.jetty.Server.handle(Server.java:324)
at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:505)
at org.mortbay.jetty.HttpConnection$RequestHandler.content(HttpConnection.java:843 )
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:648)
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:211)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:380)
at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:395)
at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:488)

Here is my setup:

AD Server - Win 2k3 Server 172.16.12.5

Openfire Server Win 2k3 Server 172.16.12.77

Database Server - MySQL on Red Hat server 172.16.12.76

One other thing, is when I try to search for a group it tells me there are results, but doesn’t display any of them.

Any ideas would be greatly apprciaited.

Thanks,

Hi, first off - you’re using LDAP to connect to an Active Directory database right? If so - that database is read-only (well it should be) so you don’t create groups in Openfire, you create them in AD. Second, if no groups are being displayed - is your LDAP connection information correct? You need a valid domain controller name, port 389, a user account with read access to the domain, and a base DN (the lowest level that you want to read AD - in my case that’s the domain level, in your case it might be a specific OU). During the Openfire setup you should have been able to test your connection.

If you’ve covered all of this, there may be a simple error in your openfire.xml file - post it here with the sensitive bits blanked out.

Finally - Openfire won’t display LDAP objects that use special characters (there’s a whole other post on this somewhere), and it doesn’t support nested groups. Some things to bear in mind!

Nick

My current AD setup is like this:

subdomain.domain.com

Users - Main Internal accounts (i.e. Admin etc)

Users - Call Center

Call Center Group 1

Call Center Group 2

Users - Repair Facility

Repair Facility Group 1

Repair Facility Group 2

Security Groups

Etc.

So if I read it correctly then you are telling me that this will not work for my AD setup. I will post the openfire.xml tomorrow.

Thanks for the help.

I would need to see the openfire.xml to help with this. I feel I need to clarify nested groups too, as I see this term tossed about a lot lately. This means you can not have AD groups members defined with groups. The groups must only have users as members. Openfire can follow an AD tree fin to locate all your groups if you have defined your baseDN correctly.