I have following setup:
AD domain, named somecorp.org, domain controller named dc.somecorp.org and OpenFire host named openfire.somecorp.org. User authentication is going through LDAP, base DN is pointing to somecorp.org.
Now to the point:
1st case:
XMPP.DomainName = somecorp.org (for some unknown reason for me server name is the same), so SSL certificate host is pointing to somecorp.org not the needed openfire.somecorp.org! User authentication is ok, as it is adding xmpp.domainname to the user (e.g. admin is admin@somecorp.org).
SSL certificate host is wrong! it must point to openfire.somecorp.org, not the entire domain!
2nd case:
XMPP.DomainName (aka host) = openfire.somecorp.org, SSL certificate is now ok as it points to the correct host, but user lookup is wrong - now it tries admin@openfire.somecorp.org and this is totally wrong! I have LDAP authentication, why it’s adding xmpp domain not the ldap base dn?
User lookup is wrong!
So in either case something is going wrong. And the question is - what to do? I need certificate for correct host (e.g. openfire.somecorp.org) and user lookup through AD domain somecorp.org.**
**