Openfire LDAP login errors

dkeedy · April 21, 2022, 3:35pm

We recently migrated domain controllers from 2012 to 2019. When we try and log in to openfire we are getting LDAP auth errors where the user passes a NULL SID, but only if the username of openfire does not match the password.

For example, username drewx / password drewx This will work successfully.
If I edit the password in LDAP to be 1234 and log in with drewx / 1234 it will fail and pass a null sid into the domain controllers event viewer.

Has anyone experienced this before or have any idea why pre-existing user accounts are unable to log in if their username=/=password?

dkeedy · April 22, 2022, 4:33pm

I’m assuming no one has experienced this type of issue since I haven’t gotten a reply of any sort?

guus · May 10, 2022, 4:44pm

… paging our resident all-that-is-AD expert @speedy …

speedy · May 14, 2022, 8:21pm

sorry for the late response.
I have no idea on this one. if you restart openfire, does it work with the new password? might sound simple, but after changing the password, you don’t have “use must change password on next login” do you? What about password complexity?

I really need to spin up a few VMs.

dkeedy · May 16, 2022, 5:13pm

We actually just updated all the plugins and installed the new version and it fixed itself. Never figured out why @speedy @guus