
User mapping error

Hi,

I'm trying to set up Openfire 3.4.3 on a Windows 2003 R2 machine.

When I test the connection settings it says success. But at the user mapping screen it's giving an error saying no users were found.

I have attached relevant screenshots. What might be the problem?

First Page -> BaseDN “staff” is probably an OU, not a CN. See if that solves the problem. The rest looks fine at first look.

I have also tried without the staff OU setting, as Openfire will by default read the entire LDAP sub-tree… the problem is still there…

Can you include your wildfire.xml, also where are your users located within AD? The default users container? Also what domain are your users in? Are they being pulled from another domain within your forest?

You probably need the staff OU. The problem probably lies with the fact that you entered it as a CN, not an OU. Change it to OU=staff. Also, the host name should be a fully qualified domain name (icarus.domain.com).

I've already tried the ou=staff setting and also tried the FQDN… still the same problem… no users found…

Have you really, REALLY made sure that your admin user has full reading rights on your domain?

YES.

Thanks a lot to all of you guys for your help. But the problem is still there…

I've attached the openfire.xml file. Please go through the file if possible.

Thanks.

I would suggest changing

<adminDN>mitid\administrator</adminDN>

to something like

<adminDN>CN=administrator,OU=users;DC=mitid,DC=com</adminDN>

or whatever is appropriate

I have already tried that. No help there…

And the setup is authenticating the administrator account properly.

<baseDN>cn=staff;dc=mitid,dc=com.</baseDN>

staff is very likely an OU! ->

<baseDN>ou=staff;dc=mitid,dc=com.</baseDN>

<adminDN>mitid\administrator</adminDN>

I agree with duncan, BUT Users is very likely a CN…if you have not changed it… ->

<adminDN>CN=administrator,CN=users;DC=mitid,DC=com</adminDN>

If nothing helps:

set this true:

or disable it completely for a test.

Not sure if this helps but I could not get LDAP to work in my AD domain w/o requiring SSL (“Enable SSL connections to your LDAP server, default port is usually 636”) - but I use port 3269.

For the search I have this: <searchFilter>(objectClass=organizationalPerson)(objectCategory=person)</searchFilter>

  • I added “objectClass=organizationalPerson” because my Base DN starts at the top (<baseDN>DC=domainname,DC=com</baseDN>) to filter out all the machine names, etc. since I use OUs in addition to the default Users.

Hello guys…

Thanks to all of you for your support.

At last I resolved the issue…

It was a really silly mistake… ADAM was not installed on the AD… :((

I’m stuck at the same stage… Could you please guide me on how it was resolved?

Example: Domain name is domain.org.com

set Base DN as : dc=domain,dc=org,dc=com

Set Administrator DN as : dn=Administrator,dn=Users,dc=domain,dc=org,dc=com

This syntax resolved my issue. You don't have to mention Users Group in Base DN.
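
Added example, not part of the thread and not Openfire code: a small offline syntax check for the `<baseDN>` and `<adminDN>` values discussed above. The function names `lint_dn` and `split_unescaped` are made up for this sketch, and the sample values are the ones quoted in the posts; it checks string syntax only and cannot tell whether an entry is really an OU or a CN in the directory.

```python
import re

# One RDN: attribute type (short name such as cn/ou/dc, or a dotted OID) = non-empty value.
RDN_RE = re.compile(r"^\s*([A-Za-z][A-Za-z0-9-]*|\d+(?:\.\d+)*)\s*=\s*(.+?)\s*$")

def split_unescaped(text, seps=",;"):
    """Split on separator characters that are not backslash-escaped."""
    parts, cur, i = [], "", 0
    while i < len(text):
        ch = text[i]
        if ch == "\\" and i + 1 < len(text):
            cur += text[i:i + 2]   # keep the escape pair together
            i += 2
            continue
        if ch in seps:
            parts.append(cur)
            cur = ""
        else:
            cur += ch
        i += 1
    parts.append(cur)
    return parts

def lint_dn(value):
    """Return a list of syntax findings for one DN string (empty list means clean)."""
    if "=" not in value:
        if "\\" in value:
            return ["not a DN: looks like a DOMAIN\\user logon name"]
        return ["not a DN: no attribute=value components"]
    findings = []
    if len(split_unescaped(value, ";")) > 1:
        findings.append("';' used as separator: RFC 4514 DNs separate RDNs with ','")
    if value.rstrip().endswith("."):
        findings.append("trailing '.' becomes part of the last value")
    for rdn in split_unescaped(value):
        if not RDN_RE.match(rdn):
            findings.append(f"malformed component: {rdn!r}")
    return findings

if __name__ == "__main__":
    # Values quoted in the thread, plus one with an escaped comma (constructed).
    for dn in ["mitid\\administrator",
               "cn=staff;dc=mitid,dc=com.",
               "CN=administrator,CN=users;DC=mitid,DC=com",
               "dc=domain,dc=org,dc=com",
               "CN=Smith\\, John,OU=staff,DC=mitid,DC=com"]:
        print(dn, "->", lint_dn(dn) or "ok")
```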