My previous attempts to get Contact List sharing with AD have failed so I’ve moved to OpenLDAP.
All my users are in cn=Users,dc=domain,dc=com and I’d like to set up Openfire to just use the Users container as a group and push out a contact list automatically to anyone who authenticates.
However, if that’s not possible and I do need an actual group, it doesn’t seem to work. I’ve added a Posixgroup under cn=Group,dc=domain,dc=com with all the users in it, but Openfire doesn’t show any members in that group.
Any help appreciated!
You need to use actual groups. This si the same for AD and OpenLDAP. What kind of issue would you have sharing AD groups (short of corrupted accounts missing from the groups, which AD is notorious for)?
My problem was that the Contact List wouldn’t populate to people who connected to the server.
Since then, we’ve moved over to LDAP authentication on the servers, so I’ve moved Openfire to it instead, which connects fine.
If I do need a group, what is the LDAP layout I should use for it? Is there perhaps an LDIF example for creating a group?
I created a posixGroup called “im” under cn=Group,dc=domain,dc=com and put all the users in it, and although this group shows in the Group List, the Members list on the Group page only says “No members in this group.”
I still do not understand how not using your already configured AD server is going to solve your issue with your spark clients. If as you imply you did everything correctly on the openfire server then the issue had to be client end.
Well, either way we’re moving to OpenLDAP for this sort of authentication so now I need to make it work under that.
Users are created as posixUser containers since it’s primarily used for server auth. What should I set so Openfire sees all the members of “cn=im,ou=Group,dc=domain,dc=com”?