Yet another LDAP integration thread

I’ve been attempting to get Openfire 3.6.4 to authenticate using LDAP and I feel that I am “oh so close” but not quite there.

Here’s what I’ve got:

ldap.baseDN DC=domain,DC=org

ldap.adminDN CN=Administrator,CN=Users,DC=domain,DC=org

ldap.searchFilter (&(memberOf= CN=Dept 935,OU=Dept Groups,OU=Groups,DC=domain,DC=org)(objectClass=person))

If I use the above query using LDP.exe (a Windows tool) I get 78 users, but for some reason Openfire only finds 6 users. If I remove the user filter I hit the 1000 LDAP limit.

I thought I’d be able to set the BaseDN to CN=Dept 935,OU=Dept Groups,OU=Groups,DC=domain,DC=org but that doesn’t seem to work. Using that BaseDN doesn’t show any users, just the group.

I am not an Active Directory admin so I can’t change how users are stored in LDAP.

Can anyone tell me what I’m doing wrong?

Thanks!

I’ve continued troubleshooting and am now wondering if it has anything to do with ldap.adminDN.

I get “Status Success!” when I use the following:

CN=Users,CN=Administrator,DC=domain,DC=org

CN=Users,CN=Random,DC=Stuff,DC=org

or if I leave it blank. This makes me think what I type there is irrelevant, however…

I get “Status: Error” when I use the following:

CN=Administrator,CN=Users,DC=domain,DC=org

Checking the log shows that I’m getting an LDAP: error code 49 - 80090308, which looks to be an authentication error.

Is it possible that only certain users will be returned when I run my search if I’m not properly authenticated?

I’m no expert (trust me on this!) but I am using LDAP authentication and for ldap.adminDN I’m just using username@domain.org format - hope that helps!

Thank you!

I used my own domain account (non-administrator) and now I see all users of my group.

Glad it worked!!
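
The error 49 line and the adminDN formats discussed in this thread, as an added Python example that is not from any poster or from Openfire: it pulls the Active Directory sub-code out of a bind-failure line and classifies the name form of an ldap.adminDN value. The function names are hypothetical, and the sample log line is constructed (its DSID and `data 52e` suffix are illustrative, not taken from the thread).

```python
import re

# Hex Win32 error that Active Directory appends as "data <code>" to a failed bind.
AD_BIND_SUBCODES = {
    0x525: "user not found",
    0x52E: "invalid credentials",
    0x530: "logon not permitted at this time",
    0x531: "logon not permitted from this workstation",
    0x532: "password expired",
    0x533: "account disabled",
    0x701: "account expired",
    0x773: "user must reset password",
    0x775: "account locked out",
}

ERR49 = re.compile(
    r"error code 49 - (?P<sspi>[0-9A-Fa-f]{8})"
    r"(?:.*?\bdata (?P<data>[0-9A-Fa-f]+)\b)?"
)

def explain_bind_failure(line):
    """Return the parsed parts of an 'error code 49' line, or None if absent."""
    m = ERR49.search(line)
    if m is None:
        return None
    code = int(m.group("data"), 16) if m.group("data") else None
    if code is None:
        reason = "no sub-code in message"
    else:
        reason = AD_BIND_SUBCODES.get(code, "unrecognised sub-code")
    return {"sspi": m.group("sspi").lower(), "data": code, "reason": reason}

def bind_identity_form(admin_dn):
    """Classify an ldap.adminDN value by the name form it uses."""
    value = admin_dn.strip()
    if not value:
        return "empty"          # no bind identity supplied at all
    if re.match(r"(?i)^[a-z][a-z0-9-]*=", value):
        return "dn"             # CN=...,DC=... distinguished name
    if "@" in value:
        return "upn"            # username@domain.org
    if "\\" in value:
        return "down-level"     # DOMAIN\username
    return "unknown"

# Constructed sample: the error text quoted in the thread plus a typical AD suffix.
SAMPLE = ("[LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, "
          "comment: AcceptSecurityContext error, data 52e, v1db1]")
```

When the logged line carries no `data` suffix, as in the excerpt quoted above, `explain_bind_failure` reports that no sub-code was present rather than guessing a cause.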