User not showing up in group

Hello, i’m using openfire 3.5.1 and it is set to obtain user information via LDAP to my Windows Active Directory.

I setup groups within AD and assigned members. I then setup those groups to be publicly displayed to the IM clients (I’m using Pidgin for my client).

Everything works great (I’ve been using openfire for about 2 or 3 years now, but just recently switched it to use LDAP rather than creating accounts manually within Openfire).

All of my users are appearing in the proper group as they should on the IM client side, except for ONE person. When I look at his user profile within Openfire, it shows that he is a member of the group I set him to within AD.

When I look at another user’s roster within the openfire console, he does not appear on any rosters, and thus does not appear on the list of buddies on the IM client.

I have tried logging the user off of Openfire, removed and re-added him to the group within AD, upgraded his IM client (even though I knew this would not be causing the issue), looked at his IM client to make sure he’s not set as “invisible” or anything like that…

Any ideas? Like I said, everyone else appears in the groups properly that I setup within AD… Except this ONE user.

Thank you!

Could be related to this:

I was having similar issues.

Thanks for your response… That might be related, but forgive me, I don’t know anything about custom filters, so I don’t know if that could be causing the issue. I am just using groups defined in AD to be the groups that appear to the IM clients.

So, i’m not really sure if that is my issue…

I doubt filters are your issue. There seems to be an ongoing issue with AD LDAP and phantom users with openfire groups. Can you provide more specifics regarding the user account with the issue?

Does it have an exchange mail account?

Does it have any characters other than letters and numbers in the username (spaces, periods, symbols, etc)?

Are there any differences of note between it and other accounts?

Have you tried recreating the account in AD?

Sorry for all the questions.

Thanks for your response.

The account affected is the same type of account as the rest of my users… Has an exchange mailbox, no special characters, the actual username is “skoontz” (without quotes of course), and is literally the same as all of the other accounts that are working.

I have not deleted and recreated the account because I don’t want to have to reconfigure everything like email, their computer logon, etc. I assume that would probably fix the issue, but i’m hoping to avoid that.

There is no guarantee that recreating the account would work. Just the last resort test. With exchange you can attach a tombstoned mailbox to a newly created account that does not have a mailbox already. Some users in the past have reported that the issue went away if the user was recreated, but reoccured as soon as the old mailbox was attached to the account. This leads me to believe that the issue for some could be tied to damaged or corrupt exchange mailboxes.

Hmm, strange that this has anything to do with Exchange…

Especially because when I look at the user in the openfire web console, it shows they are a member of the group that they are no appearing in… So Openfire appears to be retreiving group information properly.

Interestingly, this problem just occurred for me as well. I have a group with four members. Three members appear to each other without a problem, but one member doesn’t. Also, from one member’s perspective, the two members that do appear appear in different group headers in the client – Buddies and the shared group name I gave the group.

I just found this thread:

It seems to imply an AD account corruption as well.

Hmmm… I will try that and see what happens…

Although, every one of my 50 users was created on an MMC snapin on my workstation, none were actually created on the DC and it’s only happening with 1 of my users.

I’m having a similar issue happening with 3 out of some 200 users in my pool. Although I haven’t tried recreating their accounts, I suspect that the issue lies with some sort of AD Corruption. It’s kind of the only option left. Pain in the ass though, especially with remote users!

I had the same thing happening to me. I resolved this by going to users/groups, then clicking groups. On the contactlist I created, it was set to share group with additional users, and I had “The following groups:” clicked. I changed that to the All users bullet and it reloaded the new users. If you already have the “All users” bullet clicked, try clicking the following groups, click save contact list settings (it will reload), then click All users again and save contact list settings. When it reloads you should see your missing users.

Wow didn’t realize how old this post was, only looked at July 2nd.