I have read the posts on multiple domains but most of them are a few years old. What is the current status on one Openfire server viewing multiple domains?
I currently have two domains and would like to have users on both domains communicate with each other via Spark. What are the possible solutions for domain.com and domain.net (that trust each other) to communicate on one LAN?
Thank you for any advice or experience on this.
Hoping for either Openfire to support multiple domains now, AD LDS instructions/configuration, or multiple Openfire servers talking to each other.
Are the domains in the same forest? If so, you might be able to make your base DN the root of the forest, connecting to the global catalog server port. A potential issue might be having users with the same username in both domains (jdoe@domain.com and jdoe@domain.net). You might have to change your mappings a bit to use something other than the samaccountname.
I’ve been meaning to create a lab to test some of this; along with forest-forest trust. I just haven’t been able to get around to it.
I think the quickest way would be to set up 2 different servers, one for each domain, and then set up s2s between the two.
I have the same configuration: two domains with trusted relations, ADAM instance, one Openfire server. The production installation was performed by my colleague. If you need step-by-step instructions I can post them here.
The issue with the same samAccountName is really present.
Just to clarify, those older posts are still valid. There is no official multi-domain support in Openfire. And it is not planned. It is a complex task for the limited development resources here.
S2S sounds like a better solution for this, but just on paper. One may run into various problems with it. So the already mentioned workaround (with the same account name issue) seems like the only viable option.
I have created two servers. Server A queries Domain 1 and server B queries Domain 2. I have added each server to the Server to Server settings, tested telnet 5269, and DNS resolves the server names.
I'm using Spark 2.7.1 and I have added users from both domains to a group that is in domain 1. The user that is in domain 2 is showing the following under groups on the domain 1 server manager (* Note: Remote users or entities should accept presence subscriptions automatically.)
The search function via Spark does not show users from the other domain. When I try to add search.domain.com to the search service, it tells me “unable to contact search service”.
Any advice on these errors or other testing methods for server to server would be greatly appreciated.
With my current configuration I am not able to search using Spark's “search.dserve.net” (I get the error “unable to contact search service”). I can, from a user that is using Spark and connected to domain 1, add a contact from domain 2 by typing the JID of the user (e.g. name@server.domain1.com).
At this point the issue is having domain1 users search users on domain2 and vice versa via Spark, and seeing users in groups cross-domain.
I have created the SRV records you suggest but I don’t see any change in behavior. The search and conference rooms still don’t connect. I still need to add a CNAME for search.server.domain.com and conference.server.domain.com. Should the XMPP SRV records be taking the place of the CNAMEs? Am I not understanding what the XMPP SRV entries should be doing?
The XMPP SRV records seem to work if I am using Pidgin, but that only helps for logging in.
I run nslookup -querytype=SRV _xmpp-client._tcp.domain1.com and the result shows this is configured correctly.
Would it have anything to do with the kind of client I would be using? (Spark?)
Any update on this would be much appreciated.
I am hoping to have a way to create SRV records rather than a CNAME for the search and conference services. I'm just wondering if I am setting this up with best-practice procedures.
Honestly, I don’t really know the answer to your questions, as I use a single domain and server. I would just make sure your SRV records are correct, and make sure you have one for server and client. From your example, your SRV record might look more like _xmpp-client._tcp.server.domain.com with a target of the FQDN of the server. Maybe someone else can offer more assistance, but I would think the SRV record vs. CNAME would be preferred, but you gotta do what works.
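An added example, not part of the original thread: a small offline model of the standard XMPP lookup order (RFC 6120: the SRV record for the exact name first, then the name's own address record on the default port). It shows why a client SRV record for the main domain does nothing for the search and conference subdomains in server-to-server traffic. All record names and addresses are constructed, hypothetical sample data.

```python
# Added example: models the XMPP lookup order over constructed records.
# All names and addresses below are hypothetical sample data.
SRV = {
    "_xmpp-client._tcp.domain1.com": ("server.domain1.com", 5222),
    "_xmpp-server._tcp.domain1.com": ("server.domain1.com", 5269),
    "_xmpp-server._tcp.conference.server.domain1.com": ("server.domain1.com", 5269),
    "_xmpp-server._tcp.old.domain1.com": (".", 0),  # "." = service not offered
}
ADDR = {"server.domain1.com": "10.0.0.10"}  # A/CNAME names that resolve
DEFAULT_PORT = {"xmpp-client": 5222, "xmpp-server": 5269}


def resolve(service, name):
    """Return (host, port, how) for a connection to `name`, or None."""
    srv = SRV.get(f"_{service}._tcp.{name}")
    if srv is not None:
        host, port = srv
        if host == "." or host not in ADDR:
            return None  # explicitly disabled, or SRV target does not resolve
        return (host, port, "srv")
    if name in ADDR:  # no SRV record: fall back to the name itself
        return (name, DEFAULT_PORT[service], "fallback")
    return None


def s2s_report(names):
    """Map each XMPP domain or service subdomain to its s2s endpoint."""
    return {n: resolve("xmpp-server", n) for n in names}


if __name__ == "__main__":
    for name, result in s2s_report([
        "domain1.com",
        "conference.server.domain1.com",
        "search.server.domain1.com",
    ]).items():
        print(f"{name:35} -> {result or 'UNREACHABLE for s2s'}")
```

In this sample zone the search subdomain has neither its own `_xmpp-server._tcp` SRV record nor an address record, so a remote server has no endpoint for it; adding either one for that exact name fixes the lookup.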