Separate two groups of users on one server

Hi all,

I want to host an openfire server for two small comanys. Each company has about five users.

Is it possible to separate this two groups, so one user of company1 can not talk to users of company2 and vice versa?



There is no easy solution for this. you could use the packet filter to attempt to do this. Keep inmind that the server would need a domain name so one of the companies would be using a chat server with the domain of the other company.

additionally there is the this section of the openfire.xml:

<!-- Network settings. By default, Openfire will bind to all network interfaces.

Alternatively, you can specify a specific network interfaces that the server

will listen on. For example, This setting is generally only useful

on multi-homed servers. -->






This could allow mutiple copies of openfire to run on the same server from seperate NICs and unique directories. In theory.

Thanks for your answer.

Both companies would use my domain (, so that should not be a problem.

I already thought about running two instances of openfire. But for various reasons I don’t want to do this.

Maybe the best way for me is to disable the search function, so users can not search for other users. Then one has to know the exact user name of another user to add him as a contact, right?

That is possible you could also create groups for each location and share them for their users only. This would auto populate a roster with the users from their organization. You may also want to enable the subscription plugin and set it to Reject all (see attachment). This would make it so people can not request the addition of users to their roster. You may still want to consider the packet filter too.

Creating groups for each location is what a want to do. I wasn’t aware of the subscription plugin which seems interesting in this case. Thank’s for that.

But how does this packet filter option work? I think you are talking about something like iptables. As both companies have mobile users, I can not just filter by ip address. So what do I have to look for when filtering im packets?

I mean rules created with the packet filter:

plugin found here:

or via you plugins page of your server.


thank you very much for your support. With all this information, I think I can setup the desired service.