I have recently installed Openfire IM srver and used the LDAP connector to authenticate users via Active Directory. I know connections can be restricted by IP address but does anyone know how to restrict connections based on userid or group in AD. It seems all users with an AD account can connect to the IM server which is not the most secure way of organising things.