Hello all - I have found the issue… and it is due to the way Openfire auto-creates accounts when performing LDAP lookups.
I have figured out why random users are not found in the LDAP search with Spark/Openfire. I have configured Openfire to search the entire forest (port 3268) for users in our organization - obviously this includes all of our child domains in the forest.
When Openfire queries AD, it completely ignores the child domain and only looks at the pre-Windows 2000 user ID. If there are two user IDs that match identically, Openfire does not know what to do with them, so the application simply does not return a result for that person.
For example - John Doe in child domainA would have the pre-Windows login of ‘domainA\doej’. Jane Doe in child domainB would have the pre-Windows login of ‘domainB\doej’. Openfire ignores the ‘domainX’ information and will not create an Openfire account for the users since they both have the ‘doej’ username.
I am working to configure Openfire to include the domain in the Openfire login name, but haven't tested as of yet, nor do I know what implications this will have for existing users. I will update at a later date when I have that information.
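
An added example, not part of the original post: a small Python audit that takes (distinguished name, sAMAccountName) pairs, such as an export from a Global Catalog search on port 3268, and lists every pre-Windows 2000 name that exists in more than one domain of the forest. The sample entries, the `example.com` forest suffix and the function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample of Global Catalog results (DN, sAMAccountName); not real data.
SAMPLE_ENTRIES = [
    ("CN=John Doe,OU=Staff,DC=domainA,DC=example,DC=com", "doej"),
    ("CN=Jane Doe,OU=Staff,DC=domainB,DC=example,DC=com", "DoeJ"),
    ("CN=Ann Lee,OU=Staff,DC=domainA,DC=example,DC=com", "leea"),
    ("CN=Smith\\, Bob,OU=Staff,DC=domainB,DC=example,DC=com", "smithb"),
]

def split_dn(dn):
    """Split a DN on unescaped commas, so 'CN=Smith\\, Bob' stays one component."""
    parts, current, escaped = [], [], False
    for ch in dn:
        if escaped:
            current.append(ch)
            escaped = False
        elif ch == "\\":
            current.append(ch)
            escaped = True
        elif ch == ",":
            parts.append("".join(current))
            current = []
        else:
            current.append(ch)
    parts.append("".join(current))
    return [p.strip() for p in parts]

def domain_of(dn):
    """Build the DNS-style domain name from the DC= components of the DN."""
    dcs = [p[3:] for p in split_dn(dn) if p.upper().startswith("DC=")]
    return ".".join(dcs).lower()

def find_collisions(entries):
    """Return {sAMAccountName: [(domain, DN), ...]} for names found in 2+ domains."""
    by_name = defaultdict(list)
    for dn, sam in entries:
        # AD compares sAMAccountName case-insensitively, so normalise the key.
        by_name[sam.lower()].append((domain_of(dn), dn))
    return {name: hits for name, hits in by_name.items()
            if len({domain for domain, _ in hits}) > 1}

if __name__ == "__main__":
    for name, hits in sorted(find_collisions(SAMPLE_ENTRIES).items()):
        print(name, "->", sorted(domain for domain, _ in hits))
```

Running the audit before changing the login-name format shows how many accounts are affected by the collision and which domains they belong to.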