I’ve been using for a while openfire with local authentication database, and switched recently to a LDAP/active directory setup (CentOS7/Openfire 3.9.3).
I just came across the following problem:
We have two persons with the same identical first and last name but working in two different entities, and stored in two different OUs in active directory - resulting in them having the same CN but a different DN.
I created a group (associated to a roster group) and the first matched CN user was selected, not the correct one.
Maybe I missed a step or configured my server incorrectly, but it seems that usersearch is not based on the DN.
Shall you need more details, don’t hesitate to ask.