powered by Jive Software

Openfire is limited to 1000 Active Directory User Accounts

I noticed that Openfire 3.4.4 is limited to 1,000 users in Active Directory. Is there a way for me to specify that I only want to see items where objectClass=User? I have a lot of contacts setup underneath the BaseDN that I am using and it is causing problems, since they are being populated as users as well. Can anyone help me?

Active Directory has a limit to number of returns per query. This is not an Openfire issue. To adjust this please read this information: http://support.microsoft.com/kb/315071

Thanks! That worked…

If you want to filter on your results, just put in an ldap search filter in openfire.xml

<searchFilter>(memberOf=CN=openfireusers,CN=Users,DC=example,DC=com)</searchFilter>

which will only return users of a group (this is what i use).

You could also do something like:

<searchFilter>(&(objectClass=user)(objectCategory=person)(|(memberof=cn=group0,cn=users,dc=example,dc=com)(memberof=cn=group1,cn=users,dc=example,dc=com)(memberof=cn=group2,cn=users,dc=example,dc=com)(memberof=cn=group3,cn=users,dc=example,dc=com))(cn=*))</searchFilter>

which would return any ‘person’ who is a member of group0 OR group1 OR group2 OR group3 (I haven’t used this query with openfire, but I use it with apache in another app (change the “&” to “&” - these forums are changing it).

another thing you could throw in there is to only use enabled accounts

(!(userAccountControl:1.2.840.113556.1.4.803:=2))

No problem. Don’t forget to award points .