While installing Openfire 3.7.1, i remarked a two things that could be handled better:
- The file openfire.xml is readable to users, which means a basic user on a terminal server could read that file, see the database password, and gain full access over the openfire server.
Solution: I’ve set that file only readable by SYSTEM and Administrators, works fine. Any way to add this to a future installer please ?
- The Openfire server service tries to start regardless of if the database service has already started, meaning that on reboot, sometimes openfire service will start before database service, and fail.
Solution: I’ve set service dependancy in the registry: HKLM\System\CurrentControlSet\services\Openfire
Create a REG MULTI SZ value called “DependOnService” and fill it with your SQL service name.
Maybe, the installer could ask the Database service name and create this value automagically.
Anyway, i’m pretty happy with Openfire. These are just nice suggestions.