
Openfire 3.6.2 does it fix the ldap group lookup issue?

I am currently running 3.5.2 and I’m working on upgrading to 3.6.2. We are currently having an issue that many people report on the threads, where group membership is not being updated. I am currently using Active Directory for our LDAP database.

Has this been resolved in the latest version, and if not, are there any recommendations or workarounds for this?

thanks

Jason

I do not have this problem with Openfire 3.5.2 or version 3.6.2. I do, however, force the replication of data via Active Directory Sites and Services msc.

So what happens is, when I modify a group in Active Directory (add or remove members), this is not showing up in Openfire until I restart the Openfire service. Or, as other members have said, they have to remove the group and republish it. Either of those solutions really isn’t the best, since this is my production server.

I’ll upgrade anyways but I’d like to figure out a way to fix this.

thanks

Jason

It has to do with replication, which is why I force an AD replication. This causes all servers looking back to the PDC to poll for new data. This includes LDAP-bound machines. If you wait long enough it will replicate on its own. This time frame varies from server to server. You can force replication by restarting Openfire.

This has nothing to do with AD replication; I’m pointing to the server that I’m making the changes on.

I found another thread that states that the cache for group lookups is 6 hours ("cache.group.maxLifetime"); that’s my issue. I’m going to make the changes recommended in the following link and see if this fixes my issue.

thanks

http://www.igniterealtime.org/community/docs/DOC-1673

Jason

After adding the cache.group.maxLifetime setting with a millisecond value and restarting the server, this works great now. I can update a group in Active Directory and go into Openfire and the update is seen.

Much, much better.

Jason