We have a Windows 2003 R2 domain right now (will upgrade it to 2008 R2 later this year).
Clients are mainly Windows XP SP3, but we have 6 Windows 7 64-bit machines and a vista here and there (few and far between).
The Openfire server is running on Ubuntu Linux on VMWare ESX 4 server.
Openfire is tied into active directory. Anyone with an active directory account can use those same credentials to log into the instant message platform. Domain Admins can log into the openfire web interface admin console.
I’ve seen articles regarding setting up SSO if everythign is windows, however Openfire is running on Ubuntu Linux.
I don’t understand why Spark itself doesn’t have an option to just try and authenticate using the currently logged on windows credentials. Internet Explorer can do that, so does Outlook and a few other apps.
because IE and Outlook are MS products and use the built in windows authentication procedures. The spark is authenticating to openfire not a windows server or service. openfire and spark need addition coding and programming to access the authentication key generated by windows. It is not an easy or by the numbers thing. It will vary from domain to domain, so any guide may or may not work for you.
I know, but are there any beta’s of spark that “pulls” the current credentials from the windows system that it was launched in, and then pass them to Openfire?
Openfire already does LDAP. Right now if we put our windows username and passwords in the box, it signs us on.
A program should be able to make a function call to see in which user context it was launched in. Now of course if you right clicked on it and “ran as administrator” and put in the administrator password, Windows would launch the spark.exe process under that user context and sign them in as “Administrator”.
It’s Ubuntu with Openfire 3.6.4
All Spark 2.5.8 clients
We frowned upon pidgen because it stores passwords as plain text, and the passwords would be the same as windows / e-mail.
have you actually tried enabling sso? we are running openfire on a debian server against active directory. all my clients are windows, xp and windows 7 and all auth using sso.
kerberos has a steeper learning curve then integrated auth, so there will be some configuring to do on the server, its not just point-click.
there are several sso guides available and lots of forum posts. do some reading, give it a try, and post back with problems encountered.
Since there is no single guide for SSO with Windows Active Directory + Linux Openfire Server, it’s a little weird that you managed to do it and also so easily point people to the guides. The guides are all about Windows Openfire Server.
I have not been able to establish working SSO, and I followed all guides, no luck whatsoever.
Please link to a guide for Linux openfire server + Windows A/D or write the differences in how to do it compared to a Windows guide.
Since there is no single guide for SSO with Windows Active Directory + Linux Openfire Server, it’s a little weird that you managed to do it and also so easily point people to the guides. The guides are all about Windows Openfire Server.
I have not been able to establish working SSO, and I followed all guides, no luck whatsoever.
Please link to a guide for Linux openfire server + Windows A/D or write the differences in how to do it compared to a Windows guide.
Thanks
not so much wierd, I just did lots of searching and reading and tried stuff on my own. Can you list out any steps you have tried?
notice in the search I have posted lots to that. I don’t think I followed any one specific guide but pieced some together. the last 2 links above (not including the search link) have very good info. They are for slightly older versions but I don’t think the technology has changed since then. My openfire server is 3.5.1 I think.
Good luck and respond back with other questions and steps you may have tried that didn’t work.