powered by Jive Software

Shared ldap group issue: No status updates?

Hi everybody,

it looks like there are some issues with the status updates when using shared groups i would like to have verified:

We are retrieving user and group information from our corporate ldap (OpenLDAP).

We are using our LDAPGroups and share them to all the members of these groups.

This works all fine, except that the status information of the users are not updated in the clients (spark, pidgin, etc.) when they come online / go offline. I see the notifications in the audit log as well as in the openfire admin console.

I searched a while in the forum and it seems like are quite some unanswered / unresolved threads with the same topic.

I would just like to be sure if there is a workaround or not, because if there is not this would make unusable for us because this the main feature for us to move to openfire / jabber.

Thanks in advance, Florian

Hi Florian,

did you add some users in more than one group?

There are some problems but I have no idea if this is a client (which affects not only Spark) or a server issue, I did create JM-1063 some months ago, you may want to vote for it.

You may want to browse JIRA for more issues with “groups”.

LG

Hi,

there are currently 25 users in the group (populated from our corporate ldap).

When i look at the audit trail all the presence flags appear in it. How can i find out if they are sent to the clients?

I think it’s quite strange as this problem is reported various times and it does not seem that is has been resolved only once.

I really would like to know if somebody is using shared contact lists which are retrieved from a LDAP / AD which are working correctly (updating presence information in the roster)?

Thanks, Florian

We are not seeing problems on our end. Here’s what we’ve got:

  • Openfire 3.3.2 (with bundled JVM) on Windows Server 2003 Enterprise

  • modified Pandion 1.5 clients

  • Users and groups are in Active Directory

  • 383 users in 29 groups

We are not haveing any issues with status either.

We are running :

  • Openfire 3.3.3 on windows XP sp2

  • Spark 2.5.7 on windows XP sp2

  • Authentication via AD

  • Users are spread across 13 states

  • Works in all locations on internal network and externally from home

Hi,

thanks for your information. So it actually looks like the issue is realted to the usage of OpenLDAP.

When i remove:

<group>

<className>org.jivesoftware.openfire.ldap.LdapGroupProvider</className >

</group>

from the config and create a group manually with all the user from LDAP it works. It really looks the presence packages are never send to the clients when they are members of a shared LDAP group.

I’ll open a jira issue for this one. Similar threads report the same issue with OpenLDAP environments since version 3.0.1

Regards, Florian

I have the same problem.

I´m using:

Openldap 2.3.30-5 with Samba Schema - Debian Etch

Openfire 3.4.3 - Debian Etch

Spark 2.5.8 - Windows XP SP2

If i use database instead LDAP, presence in client work fine.

A litle workaround

Coment this line:

<className>org.jivesoftware.openfire.ldap.LdapGroupProvider</className& gt;

in file openfire.xml, restart openfire, create groups manually, assign users to group, share groups, and be happy!

Sorry for my english

Im work whit openldap an

my openfire.xml conf is:

<autoFollowReferrals>true</autoFollowReferrals>

<searchFilter>(objectClass=inetOrgPerson)</searchFilter>

<!searchFilter>(objectClass=inetOrgPerson) (!(sambaAcctFlags=D))> </searchFilter>

<usernameField>uid</usernameField>

<nameField>displayName</nameField>

<emailField>mail</emailField>

<groupSearchFilter>(objectClass=sambaGroupMapping)</groupSearchFilter& gt;

<groupNameField>cn</groupNameField>

<groupMemberField>memberUid</groupMemberField>

<groupDescriptionField>displayName</groupDescriptionField>

<posixMode>true</posixMode>

</ldap>

<provider>

<vcard>

<className>org.jivesoftware.openfire.ldap.LdapVCardProvider</className >

</vcard>

<user>

<className>org.jivesoftware.openfire.ldap.LdapUserProvider</className& gt;

</user>

<auth>

<className>org.jivesoftware.openfire.ldap.LdapAuthProvider</className& gt;

</auth>

<group>

<className>org.jivesoftware.openfire.ldap.LdapGroupProvider</className >

</group>

And work very good.