powered by Jive Software

Openfire filtering objects from User Summary

This is the new thread requested for the issue regarding filtering out Computers in user summary

Previous thread was http://www.igniterealtime.org/community/thread/31654?tstart=0

I haven’t restarted the service, I have been testing it in the profile settings and putting the values in the field and hitting “test settings” and it still comes up with computers in the test.

Can you provide a description or diagram of your AD tree structure and your current openfire.xml edited for security? It would help me help you.

<ldap>

<host>server</host>

<port>389</port>

<baseDN>DC=domain,DC=local</baseDN>

<adminDN>CN=user,OU=Techs,DC=domain,DC=local</adminDN>

<adminPassword>password</adminPassword>

<connectionPoolEnabled>true</connectionPoolEnabled>

<sslEnabled>false</sslEnabled>

<ldapDebugEnabled>false</ldapDebugEnabled>

<autoFollowReferrals>false</autoFollowReferrals>

<usernameField>sAMAccountName</usernameField>

<searchFilter>(objectClass=organizationalPerson)</searchFilter>

<vcard-mapping> <![CDATA[

</vCard>]]></vcard-mapping>

<nameField>cn</nameField>

<emailField>mail</emailField>

<groupNameField>cn</groupNameField>

<groupMemberField>member</groupMemberField>

<groupDescriptionField>description</groupDescriptionField>

<posixMode>false</posixMode>

<groupSearchFilter>(objectClass=group)</groupSearchFilter>

</ldap>

Attached is a screen shot of my AD (edited of course)

and a shot of my User summary also edited, but left one of the PC names as an example. That one is going to be deleted soon anyways.

Thanks for the screen shots. Are you users and computers together in their OUs. It is hard to tell since you did such a great jub editing for security.

I have attached my structure and xml for reference.

Yes they are…so in Location 1 there would be that computer 12-10500 and then in the same OU of Location 1 there would be a user.

I’ve asked to restructure AD for them but they do not want to risk losing the settings they have implemented.

So then it almost looks like using your base dn as OU=MTSaccounts,DC=domain,DC=com would explain why you don’t have as many issues as the rest You’re AD is strauctured how it’s supposed to be. One of the down falls of coming into an established company with only a title of tech.

The structure is key, but a filter should work to get rid of those pesky computers. The question is what filter. I had to completely change the AD structure when I started with this company a little over a year ago. There was no semblence of structure or organization of the AD tree. The best way to do this is creat the new OU structure first, then link in any policies that are needed, then finally move the Users and Computers to their new OUs. There should be no interruption or loss of settings this way.