I noticed that Openfire 3.4.4 is limited to 1,000 users in Active Directory. Is there a way for me to specify that I only want to see items where objectClass=User? I have a lot of contacts setup underneath the BaseDN that I am using and it is causing problems, since they are being populated as users as well. Can anyone help me?
Active Directory has a limit to number of returns per query. This is not an Openfire issue. To adjust this please read this information: http://support.microsoft.com/kb/315071
Thanks! That worked…
If you want to filter on your results, just put in an ldap search filter in openfire.xml
<searchFilter>(memberOf=CN=openfireusers,CN=Users,DC=example,DC=com)</searchFilter>
which will only return users of a group (this is what i use).
You could also do something like:
<searchFilter>(&(objectClass=user)(objectCategory=person)(|(memberof=cn=group0,cn=users,dc=example,dc=com)(memberof=cn=group1,cn=users,dc=example,dc=com)(memberof=cn=group2,cn=users,dc=example,dc=com)(memberof=cn=group3,cn=users,dc=example,dc=com))(cn=*))</searchFilter>
which would return any ‘person’ who is a member of group0 OR group1 OR group2 OR group3 (I haven’t used this query with openfire, but I use it with apache in another app (change the “&” to “&” - these forums are changing it).
another thing you could throw in there is to only use enabled accounts
(!(userAccountControl:1.2.840.113556.1.4.803:=2))
No problem. Don’t forget to award points .