Understanding Group Mapping

I have searched and don't quite understand group mapping yet. I have it working in some ways, but I created groups specifically for Openfire to use with Spark so that my users do not have to add anyone. The groups are in: Example

Domain -> Info Tech -> ITTest -> (all my Universal Security Groups)

I have a group for each organization in that folder. What I would like is for Openfire to see only these groups as the ones being used for instant messaging. As it is right now I get distro and security groups from everywhere in the domain and that makes a list of hundreds of groups and most of them have extra users I do not want in the Openfire groups.

So, how do I get Openfire to only see the groups in this folder?

I answered my own question by following part of this thread:

@speedy wrote:
I’ve seen this question asked a few times. “How can I use my AD roster groups for user authentication?” I believe I have found the solutions.

For this example I’ll be using the following:

AD domain = AD-DOMAIN.local

access group = Openfire Access Group

roster groups = _IM Group1, _IM Group2
(*note - I’ll be using _IM as part of a wildcard search, so all my groups start with _IM for that reason)

First create your security groups:

Create a Domain Local Security Group. In our example call it Openfire Access Group and place it in the user container.

Create regular security groups, in our example _IM Group1 and _IM Group2.

Make _IM Group1 and _IM Group2 members of the Openfire Access Group

Add your users to the _IM groups
(include your openfire admin account, or make it a member of the Openfire Access Group )

Next, set your system properties in openfire:

ldap.baseDN
DC=AD-DOMAIN,DC=local

ldap.groupSearchFilter
(objectClass=group)(cn=_IM*)

Openfire now only noticed my groups that start with IM- in my case.

I am thinking of adding it now so that only people in those groups can log into the client, this way if we need others all we have to do is add them to their specific group.
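
A dry run of the group filter from the quoted steps, as an added example that is not part of the original thread and not Openfire's code: it evaluates a filter against a constructed sample directory and lists any exposed group that is not on the intended roster list. It assumes the two clauses are combined with an explicit AND, `(&(objectClass=group)(cn=_IM*))`; the function names, the sample entries, and the supported filter subset (no escapes or extensible matching) are assumptions of this sketch.

```python
import re

def parse(f, i=0):
    """Parse one RFC 4515-style filter starting at f[i]; return (node, next index)."""
    if f[i] != "(":
        raise ValueError(f"expected '(' at offset {i}")
    if f[i + 1] in "&|!":
        op, i, kids = f[i + 1], i + 2, []
        while f[i] == "(":
            kid, i = parse(f, i)
            kids.append(kid)
        if f[i] != ")":
            raise ValueError(f"expected ')' at offset {i}")
        return (op, kids), i + 1
    end = f.index(")", i)  # simple item: attr=value, '*' is a wildcard
    attr, _, pattern = f[i + 1:end].partition("=")
    return ("=", attr.lower(), pattern), end + 1

def matches(node, entry):
    """Evaluate a parsed filter against one entry (attribute -> list of values)."""
    if node[0] in "&|":
        return (all if node[0] == "&" else any)(matches(k, entry) for k in node[1])
    if node[0] == "!":
        return not matches(node[1][0], entry)
    _, attr, pattern = node
    rx = re.compile(".*".join(map(re.escape, pattern.split("*"))), re.I)
    return any(rx.fullmatch(v) for v in entry.get(attr, []))

def visible_groups(filter_text, base_dn, entries):
    """Names of entries under base_dn that the filter would expose as groups."""
    node, end = parse(filter_text)
    if end != len(filter_text):
        raise ValueError("text after the end of the filter: " + filter_text[end:])
    suffix = "," + base_dn.lower()
    return sorted(e["cn"][0] for e in entries
                  if e["dn"].lower().endswith(suffix) and matches(node, e))

def unexpected(filter_text, base_dn, entries, allowed):
    """Groups the filter exposes that are not on the intended roster list."""
    return sorted(set(visible_groups(filter_text, base_dn, entries)) - set(allowed))

BASE = "DC=AD-DOMAIN,DC=local"
def _e(cn, parent, *classes):  # build one constructed sample entry
    return {"dn": f"CN={cn},{parent},{BASE}", "cn": [cn], "objectclass": list(classes)}
ENTRIES = [  # constructed sample directory, not real data
    _e("_IM Group1", "CN=Users", "top", "group"),
    _e("_IM Group2", "CN=Users", "top", "group"),
    _e("Openfire Access Group", "CN=Users", "top", "group"),
    _e("All Staff Distro", "OU=Lists", "top", "group"),
    _e("_IM Tester", "CN=Users", "top", "person", "user"),
]
```

An empty result from `unexpected(...)` means the filter exposes only the roster groups; any name it returns is a group whose members would show up in client rosters without being intended to.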