No I’m afraid not, 3.5.0 is frozen.
And another solution? How big change is that bugfix to everal package? That I could try to build lets say 3.4.5 with this bugfix on my own.
I just need few hints and to hear if its BIGfix or just few lines…
It wasn’t an entirely small fix, but then I was doing other things at the time. The problem is in LdapGroupProvider around the line that shows up in the error log. There’s a loop in there and there’s a try - catch clause that’s outside the loop. If there’s a try-catch clause in side the loop, it’ll simply skip the bad entry and process more of the users.
Ok, I now downloaded 3.4.5 source and going to try to fix that bug
With what you usually build openfire?I want to avoid now bugs
Daniel,
Just to confirm, because my orginial issue is still happening, the problem is because of a bad user? In my implementation I pull the information straight from AD and dont allow users to add external people to their rosters. Unless you mean a user being “disabled” with in AD, but that would still be resolvable.
If I look into a few user’s rosters that appear to be phantoms, I see under their user options -> roster, that the column called subscription is not “BOTH” as it would be for all my other users, its only listed as “IN”. This maybe related to the issue or might be the cause…
I have control over my AD, and I could clean up whatever bad apples to see if it fixes this, but what am I looking for…
Thanks
Generally it’s a group member that’s still in the group but who’s account doesn’t really exist in LDAP anymore.
but my openfire group membership is also pulled from ldap, so Im a bit lost on this one…
What I’m saying is:
LDAP group A has users userA, userB, and userC
userB does not exist in your LDAP for some reason
typically this is a simple matter of a missed cleanup or something along those lines
That’s the first situation I’ve seen a number of times. The second situation is where userC might be referring to a different base DN than the one that the group is in. I would be surprised if the latter is the case you are running into.
It sounds like that may fix the NPE, but not the actual issue we are reporting with a user not appearing in the roster. I could be wrong, but how can a user that is disabled or removed, but still a member of an LDAP group cause a separate user(that is not disabled or removed) to not appear in a roster? I have this with two of my users right now, and the group that I’m sharing does not have any disabled or removed users in them.
M@
=) What I was trying to describe before was:
With the implementation as it is in the 3.4.* releases, when it gets to a busted entry, it stops processing the group period. If there were users after it, they aren’t going to show up.
Ok I now recheck my AD and found that I got one group “add_INF” as member in “INF”… and openfire thinks its user as well as group (add_inf appears in user management)
Is there any solution for this (I will try tu push our AD admin to solve this as well)??
Ok,
Today I upgraded to 3.5.0 and truly it is not fixed
So can you at least tell me if it cloud be in 3.5.1 (just say soon)?
It’s scheduled for 3.6.0.
worriedly
And how far is 3.6.0 ? Few months?
As far as I know a release date for 3.6.0 has not been set.
You can “try it out” from the nightly builds:
http://www.igniterealtime.org/downloads/nightly_openfire.jsp
But “use at your own risk”. It’s alpha code and not heavily tested yet. Especially in terms of, once you go with 3.6.0, you can’t go back. Database changes and such will strand you at 3.6.0. So I recommend you back up your database and config and such before you try it. You’ll also need new builds of all of the plugins which I think are included in the nightly build.
Ok I deploayed 3.6.0 Alpha from 2008-04-10 nightly build and the error still ocured for me…
errors like this occupied my debug logs…
2008.04.10 17:40:44
LdapManager: Trying to find a user’s DN based on their username.
sAMAccountName: cn=t010049,ou=t < 900,ou=hq,ou=all_usr,dc=glicz,
Base DN: DC=glicz…
2008.04.10 17:40:44 LdapManager: Creating a DirContext in LdapManager.getContext()… 2008.04.10 17:40:44 LdapManager: Created hashtable with context values, attempting to create context… 2008.04.10 17:40:44 LdapManager: … context created successfully, returning. 2008.04.10 17:40:44 LdapManager: Starting LDAP search… 2008.04.10 17:40:44 LdapManager: … search finished 2008.04.10 17:40:44 LdapManager: User DN based on username ‘cn=t010049,ou=t < 900,ou=hq,ou=all_usr,dc=glicz’ not found. 2008.04.10 17:40:44 LdapManager: Exception thrown when searching for userDN based on username ‘cn=t010049,ou=t < 900,ou=hq,ou=all_usr,dc=glicz’ org.jivesoftware.openfire.user.Use rNotFoundException: Username cn=t010049,ou=t < 900,ou=hq,ou=all_usr,dc=glicz not found at org.jivesoftware.openfire.ldap.LdapManager.findUserDN(LdapManager.java:693) at org.jivesoftware.openfire.ldap.LdapManager.findUserDN(LdapManager.java:619) at org.jivesoftware.openfire.ldap.LdapUserProvider.loadUser(LdapUserProvider.java: 79) at org.jivesoftware.openfire.user.UserManager.getUser(UserManager.java:212) at org.jivesoftware.openfire.ldap.LdapGroupProvider.processGroup(LdapGroupProvider .java:368) at org.jivesoftware.openfire.ldap.LdapGroupProvider.getGroup(LdapGroupProvider.jav a:87) at org.jivesoftware.openfire.group.GroupManager.getGroup(GroupManager.java:253) at org.jivesoftware.openfire.group.GroupCollection$UserIterator.getNextElement(Gro upCollection.java:102) at org.jivesoftware.openfire.group.GroupCollection$UserIterator.hasNext(GroupColle ction.java:65) at org.jivesoftware.openfire.admin.group_002dedit_jsp._jspService(group_002dedit_j sp.java:456) at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:97) at javax.servlet.http.HttpServlet.service(HttpServlet.java:820) at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:487) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.ja va:1093) at com.opensymphony.module.sitemesh.filter.PageFilter.parsePage(PageFilter.java:11 8) at com.opensymphony.module.sitemesh.filter.PageFilter.doFilter(PageFilter.java:52) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.ja va:1084) at org.jivesoftware.util.LocaleFilter.doFilter(LocaleFilter.java:65) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.ja va:1084) at org.jivesoftware.util.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingF ilter.java:41) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.ja va:1084) at org.jivesoftware.admin.PluginFilter.doFilter(PluginFilter.java:69) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.ja va:1084) at org.jivesoftware.admin.AuthCheckFilter.doFilter(AuthCheckFilter.java:98) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.ja va:1084) at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:360) at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216) at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181) at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:726) at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:405) at org.mortbay.jetty.handler.ContextHandlerCollection.handle(ContextHandlerCollect ion.java:206) at org.mortbay.jetty.handler.HandlerCollection.handle(HandlerCollection.java:114) at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:139) at org.mortbay.jetty.Server.handle(Server.java:324) at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:505) at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.j ava:828) at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:514) at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:211) at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:380) at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:395) at org.mortbay.thread.BoundedThreadPool$PoolThread.run(BoundedThreadPool.java:450)
And start of the groups list look like this
add_inf@t00l011 ***
cn=t010086,ou=cz_usf_inf_uss,ou=hq,ou=all_usr,dc=glicz@t00l011 ***
cn=t910495,ou=cz_usf_inf_pro,ou=hq,ou=all_usr,dc=glicz@t00l011 ***
t010028\
t010044\
t010080\
t010184\
t010364\
t010411\
t010423\
The log is from the time I retrieve the group
And its interesting that the errors are on the start of debug file not at the end
If you tell me taht you want more information I can give you them (but cant copy AD due to security)…
I have an update:
I installed Version 3.5.0 and painstakingly re-created all of my active directory groups, and repopulated them with the same users.
I noticed the following:
User count as per the users summary page: 132
Now I have a group called “OF_All_Users” that I put ALL of my users into. The count on that is: 129. I have found the 3 users and their are no differences I can find with them. I have checked permissions, I have checked for deadusers, I have even redone the installation. I am out of ideas… and one of the persons not working, is my bosses boss… so the heat is on… PLEASE HELP
This is a clip from my error log:
java.lang.NullPointerException
at org.jivesoftware.openfire.ldap.LdapGroupProvider.populateGroups(LdapGroupProvid er.java:673)
at org.jivesoftware.openfire.ldap.LdapGroupProvider.getGroup(LdapGroupProvider.jav a:99)
at org.jivesoftware.openfire.group.GroupManager.getGroup(GroupManager.java:204)
at org.jivesoftware.openfire.group.GroupCollection$UserIterator.getNextElement(Gro upCollection.java:102)
at org.jivesoftware.openfire.group.GroupCollection$UserIterator.hasNext(GroupColle ction.java:65)
at org.jivesoftware.openfire.admin.group_002dsummary_jsp._jspService(group_002dsum mary_jsp.java:209)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:97)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:487)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.ja va:1093)
at com.opensymphony.module.sitemesh.filter.PageFilter.parsePage(PageFilter.java:11 8)
at com.opensymphony.module.sitemesh.filter.PageFilter.doFilter(PageFilter.java:52)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.ja va:1084)
at org.jivesoftware.util.LocaleFilter.doFilter(LocaleFilter.java:65)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.ja va:1084)
at org.jivesoftware.util.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingF ilter.java:41)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.ja va:1084)
at org.jivesoftware.admin.PluginFilter.doFilter(PluginFilter.java:69)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.ja va:1084)
at org.jivesoftware.admin.AuthCheckFilter.doFilter(AuthCheckFilter.java:98)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.ja va:1084)
at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:360)
at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181)
at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:726)
at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:405)
at org.mortbay.jetty.handler.ContextHandlerCollection.handle(ContextHandlerCollect ion.java:206)
at org.mortbay.jetty.handler.HandlerCollection.handle(HandlerCollection.java:114)
at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:139)
at org.mortbay.jetty.Server.handle(Server.java:324)
at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:505)
at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.j ava:828)
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:514)
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:211)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:380)
at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:395)
at org.mortbay.thread.BoundedThreadPool$PoolThread.run(BoundedThreadPool.java:450)
My openfire conf file:
<?xml version=“1.0” encoding=“UTF-8”?>
<jive>
<adminConsole>
<!-- Disable either port by setting the value to -1 -->
<port>9090</port>
<securePort>9091</securePort>
</adminConsole>
<admin>
<authorizedUsernames>lswvk</authorizedUsernames>
</admin>
<locale>en</locale>
<connectionProvider>
<className>org.jivesoftware.database.EmbeddedConnectionProvider</class Name>
</connectionProvider>
<ldap>
<host>DOMAIN CONTROLLER</host>
<port>636</port>
<baseDN>dc=hq;dc=DOMAIN;dc=com</baseDN>
<alternateBaseDN>dc=OTHER;dc=DOMAIN;dc=com</alternateBaseDN>
<adminDN>CN=Wildfire IM Server;CN=OpenfireGroups;CN=Users;DC=hq;DC=DOMAIN;DC=com</adminDN>
<adminPassword>*****************</adminPassword>–>
<connectionPoolEnabled>true</connectionPoolEnabled>
<sslEnabled>true</sslEnabled>
<ldapDebugEnabled>false</ldapDebugEnabled>
<autoFollowReferrals>false</autoFollowReferrals>
<usernameField>sAMAccountName</usernameField>
<searchFilter>(&(objectClass=user)(memberOf=CN=OF_All_Users;CN=Openfi reGroups;CN=Users;DC=hq;DC=DOMAIN;DC=com))</searchFilter>
<vcard-mapping><![CDATA[
<vCard xmlns=“vcard-temp”>
<JABBERID>@im.DOMAIN.com</JABBERID>
<N><FAMILY></FAMILY><GIVEN></GIVEN><MIDDLE/></N>
<EMAIL>
<INTERNET/>
<USERID></USERID>
</EMAIL>
<FN></FN>
<PHOTO>
<TYPE>image/jpeg</TYPE> <BINVAL></BINVAL>
</PHOTO> <NICKNAME></NICKNAME>
<ADR>
<HOME/>
<STREET></STREET>
<PCODE></PCODE>
<CTRY></CTRY>
</ADR> <ADR>
<WORK/> <STREET></STREET> <LOCALITY></LOCALITY> <REGION></REGION> <PCODE></PCODE> <CTRY></CTRY>
</ADR>
<TEL>
<HOME/>
<VOICE/>
<NUMBER></NUMBER>
</TEL>
<TEL>
<HOME/>
<CELL/>
<NUMBER></NUMBER>
</TEL> <TEL>
<WORK/> <VOICE/> <NUMBER></NUMBER>
</TEL> <TEL>
<WORK/> <CELL/> <NUMBER></NUMBER>
</TEL>
<TEL>
<WORK/>
<FAX/>
<NUMBER></NUMBER>
</TEL>
<TEL>
<WORK/>
<PAGER/>
<NUMBER></NUMBER>
</TEL>
<TITLE></TITLE>
<org>
<ORGNAME></ORGNAME>
<ORGUNIT> - </ORGUNIT>
</org>
<URL></URL>
</vCard>]]></vcard-mapping>
<nameField>displayName</nameField>
<emailField>mail</emailField>
<groupNameField>cn</groupNameField>
<groupMemberField>member</groupMemberField>
<groupDescriptionField>description</groupDescriptionField>
<posixMode>false</posixMode>
<groupSearchFilter>(&(objectCategory=Group)(objectClass=group)(CN=OF_ *))</groupSearchFilter>
</ldap>
<provider>
<vcard>
<className>org.jivesoftware.openfire.ldap.LdapVCardProvider</className >
</vcard>
<user>
<className>org.jivesoftware.openfire.ldap.LdapUserProvider</className& gt;
</user>
<auth>
<className>org.jivesoftware.openfire.ldap.LdapAuthProvider</className& gt;
</auth>
<group>
<className>org.jivesoftware.openfire.ldap.LdapGroupProvider</className >
</group>
</provider>
<setup>true</setup>
<log>
<debug>
<enabled>False</enabled>
</debug>
</log>
</jive>
What about this thread? Will it solve your problem?
I’m going to tell our AD admin about that and I’m going to try this method.