This is a weird situation, I know, but I have fully working LDAP/AD integration working and shiny in OpenFire, and it works great. But, of course, the password for the user is the AD password. What I would like (again, I know it is odd, but trust me, it makes sense for my environment) is for everything to come from AD but for me to be able to give EVERYONE the same password.
For example, user jkirk pulls down everything from AD that I already have working - user info, photo of the user for the icon, all the phone info, etc. – but instead of the AD password, they use a password of MY devising to log in - one shared by all users.
Essentially what I am asking is, is there a way to step in and tell Openfire that when syncing with AD, instead of taking the username as {adusernameproperty} and the password as {adpasswordproperty}, to take the username as {adusernameproperty} and the password as “custompass”?
Although I haven’t tested it, you might have some success if you initially configure LDAP authentication and later change the property provider.auth.className to your database authentication. Then in theory you would have user information pulled from LDAP but authentication would be done from a custom database.
That’s a thought… my first response though would be the fact that things change often and our list of employees (and the info we want to keep up to date on their vcards) changes pretty regularly. I wonder if there is a third party app I can use to fill a custom db FROM ldap, that I could just have run nightly or weekly or the like. Sigh - this seems like it should be easier.