Recently I had a problem where my user was returning multiple resources from AD when Openfire was doing a lookup. Obviously, this is not desired, and Openfire sorta gave up and bombed. Now, the real cause of the problem is why did this happen?
Let me try to explain our AD structure. We have 1 global AD setup, and then a few sub AD setups underneath it. What happened yesterday is we created an account in one of the sub ADs that happened to have the same name as my account in the main AD. The question is, in Openfire I have a bind DN set for the main domain that would never even search the sub directories, so why were 2 users still being returned? Maybe there is a bigger issue here?
Other services we have available that query the AD for authentication did not have any issues with this, mainly because they abide by the domain OU that is specified.
Does anyone have any thoughts?