Openfire LDAP question

Hi all,

a quick question re Openfire features: is it possible to point the Openfire server to multiple LDAP trees for user authentication? We have several AD servers within our organisation (normally, one per site/country). We’d like to run a single server at headoffice rather than one at each site.



So since you are using the term trees are we to assume that all your offices are members of the same Forrest or domain? If so you should be able to use your Forrest as your baseDN and then use Filters to limit the users/groups.

Currently I configured openfire to use my user list from my LDAP server.

My base DN is:


How would I use filters so that say only people with the last name “Smith” are given openfire accounts?



this is a sample filter by group:


You may be able to modify it to search by last name like this: