User mapping error

manohar · January 3, 2008, 7:31am

Hi,

Im tryin to setup openfire 3.4.3 on a windows 2003 r2 machine.

When i test connection settings it says success.But at user mapping screen it`s givin error sayin no users were found.

I have attached relevant screenshots.what might be the problem??

Jonas · January 3, 2008, 1:24pm

First Page -> BaseDN “staff” is probably an OU no CN. See if that solves the problem. The rest looks fine at the first look.

manohar · January 4, 2008, 5:15am

I have also tried with out staff ou setting as openfire will by default read the entire LDAP sub-tree… the problem is still there…

Bill1 · January 16, 2008, 5:33am

Can you include your wildfire.xml, also where are your users located within AD? The default users container? Also what domain are your users in? Are they being pulled from another domain within your forest?

NO_MESSAGES_OR_FRIEN · January 16, 2008, 1:55pm

You probably need the staff OU. The problem probably lies with the fact that you entered is as a CN ont an OU. Change it to OU=staff. Also the Host name should be a fully qualified domain name (icarus.domain.com)

manohar · January 17, 2008, 7:34am

I`ve already tried ou=staff setting and also tried FQDN… still same problem…no users found…

Jonas · January 17, 2008, 9:25am

Have you really, REALLY made sure that your admin user has full reading rights on your domain?

manohar · January 17, 2008, 9:32am

YES.

manohar · January 17, 2008, 10:06am

Thanks a lot to all of you guys for your help.But the problem is still there…

I`ve attached the openfire.xml file. please go through the file if possible.

Thanx.

Duncan_Clarke · January 17, 2008, 10:26am

I would sugget changing

<adminDN>mitid\administrator</adminDN>

to something like

<adminDN>CN=administrator,OU=users;DC=mitid,DC=com</adminDN>

or whatever is appropriate

manohar · January 17, 2008, 10:33am

I have already tried that. no help there…

and the setup is authenticating administrator account properly.

Jonas · January 17, 2008, 10:39am

<baseDN>cn=staff;dc=mitid,dc=com.</baseDN>

staff is very likely an OU! ->

<baseDN>ou=staff;dc=mitid,dc=com.</baseDN>

<adminDN>mitid\administrator</adminDN>

I agree with duncan, BUT Users is very likely a CN…if you have not changed it… ->

<adminDN>CN=administrator,CN=users;DC=mitid,DC=com</adminDN>

If nothing helps:

set this true:

or disable it completely for a test.

Marc_Hall · January 17, 2008, 7:16pm

Not sure if this helps but I could not get LDAP to work in my AD domain w/o requiring SSL (“Enable SSL connections to your LDAP server, default port is usually 636”) - but I use port 3269.

For the search I have this: <searchFilter>(objectClass=organizationalPerson)(objectCategory=person)&l t;/searchFilter>

I added “objectClass=organizationalPerson” because my Base DN starts at the top (<baseDN>DC=domainname,DC=com</baseDN>) to filter out all the machine names, etc. since I use OUs in addition to the default Users.

manohar · April 2, 2008, 6:34am

hello guys…

thanx to all of u for ur support.

at last i resovled the issue…

it was a really silly mistake…ADAM was not installed on the AD…:((

Farhan · March 27, 2012, 5:45am

I’m stucked on same stage… Could you please guide me how it was resolved ?

Farhan · March 27, 2012, 1:58pm

exaple: Domain name is domain.org.com

set Base DN as : dc=domain,dc=org,dc=com

Set Administrator DN as : dn=Administrator,dn=Users,dc=domain,dc=org,dc=com

This syntax resolved my issue. You dont have to mention Users Group in Base DN.