powered by Jive Software

Spark SSO (Windows Active Directory, but Linux Openfire server)

We have a Windows 2003 R2 domain right now (will upgrade it to 2008 R2 later this year).

Clients are mainly Windows XP SP3, but we have 6 Windows 7 64-bit machines and a vista here and there (few and far between).

The Openfire server is running on Ubuntu Linux on VMWare ESX 4 server.

Openfire is tied into active directory. Anyone with an active directory account can use those same credentials to log into the instant message platform. Domain Admins can log into the openfire web interface admin console.

I’ve seen articles regarding setting up SSO if everythign is windows, however Openfire is running on Ubuntu Linux.

I don’t understand why Spark itself doesn’t have an option to just try and authenticate using the currently logged on windows credentials. Internet Explorer can do that, so does Outlook and a few other apps.

Any documentation would be helpful,

Thanks!

because IE and Outlook are MS products and use the built in windows authentication procedures. The spark is authenticating to openfire not a windows server or service. openfire and spark need addition coding and programming to access the authentication key generated by windows. It is not an easy or by the numbers thing. It will vary from domain to domain, so any guide may or may not work for you.

I know, but are there any beta’s of spark that “pulls” the current credentials from the windows system that it was launched in, and then pass them to Openfire?

Openfire already does LDAP. Right now if we put our windows username and passwords in the box, it signs us on.

A program should be able to make a function call to see in which user context it was launched in. Now of course if you right clicked on it and “ran as administrator” and put in the administrator password, Windows would launch the spark.exe process under that user context and sign them in as “Administrator”.

It’s Ubuntu with Openfire 3.6.4

All Spark 2.5.8 clients

We frowned upon pidgen because it stores passwords as plain text, and the passwords would be the same as windows / e-mail.

have you actually tried enabling sso? we are running openfire on a debian server against active directory. all my clients are windows, xp and windows 7 and all auth using sso.

kerberos has a steeper learning curve then integrated auth, so there will be some configuring to do on the server, its not just point-click.

there are several sso guides available and lots of forum posts. do some reading, give it a try, and post back with problems encountered.

How can we automatically login to sparkweb when we login to a custom web page?

Since there is no single guide for SSO with Windows Active Directory + Linux Openfire Server, it’s a little weird that you managed to do it and also so easily point people to the guides. The guides are all about Windows Openfire Server.

I have not been able to establish working SSO, and I followed all guides, no luck whatsoever.

Please link to a guide for Linux openfire server + Windows A/D or write the differences in how to do it compared to a Windows guide.

Thanks

joecamel wrote:

Since there is no single guide for SSO with Windows Active Directory + Linux Openfire Server, it’s a little weird that you managed to do it and also so easily point people to the guides. The guides are all about Windows Openfire Server.

I have not been able to establish working SSO, and I followed all guides, no luck whatsoever.

Please link to a guide for Linux openfire server + Windows A/D or write the differences in how to do it compared to a Windows guide.

Thanks

not so much wierd, I just did lots of searching and reading and tried stuff on my own. Can you list out any steps you have tried?

Here is a start for search help

http://www.igniterealtime.org/community/thread/34861

http://www.igniterealtime.org/community/thread/30151

http://www.igniterealtime.org/community/message/158206#158206

http://www.igniterealtime.org/community/docs/DOC-1060

http://www.igniterealtime.org/community/message/201327#201327

and a search

http://www.igniterealtime.org/community/search.jspa?peopleEnabled=true&userID=&c ontainerType=&container=&q=debian+sso

notice in the search I have posted lots to that. I don’t think I followed any one specific guide but pieced some together. the last 2 links above (not including the search link) have very good info. They are for slightly older versions but I don’t think the technology has changed since then. My openfire server is 3.5.1 I think.

Good luck and respond back with other questions and steps you may have tried that didn’t work.