Yet another LDAP thread (3.7.0)

I have LDAP set up; some users appear in Openfire and some don’t, and they are all members of the same group.

I’m using the newest stable Debian distro.

BaseDN: DC=domain,DC=com

UserFilter: (memberOf=CN=OpenfireClient,CN=Users,DC=domain,DC=com)

GroupFilter: (objectClass=group)

I have tried creating a new group in an entirely different OU and adding the same users. The problem still persists.

I went as far as adding all users from the domain; not even half show up in Openfire.

I also tried a more defined filter for groups, just in case I was hitting the 1000 limit, but groups are not my issue.

I tested the LDAP query strings in an AD custom search. All users/groups are found without any issues.

Does anyone have a fix or workaround for this issue?

My next step is to load a Windows-based server and test Openfire to see if anything changes.

There are so many threads about LDAP issues.

I was able to fix the issue by adding the service account to the domain admin’s group.

I am still having some issues.

I have one user that was showing up and working in the user roster.

The other day he was moved to a different OU, and he is no longer showing in the user roster.

This should not matter as he is still part of the OpenfireClient group.

Now when I do an LDAP user test it reads his account but returns all blank information.

I have tried purging the cache and restarting with no luck. I added and re-added him to the group in AD.

Anyone else run into this kind of issue?

I finally tracked down the issue.

The OU where the user resides had a special character in its name.

I removed it and all is well.
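
The last post traces the blank lookup to a special character in an OU name. As an added example (not from the thread and not Openfire's own code), the Python below shows the RFC 4514 escaping a DN value needs and the second RFC 4515 pass required when that DN is placed in a filter such as the `memberOf` UserFilter above. The thread does not say which character was involved; the OU name `Sales, East (HQ)` and all function names are constructed for illustration.

```python
# Added example. OU, group and domain names are constructed sample values.
DN_SPECIAL = '"+,;<>\\'  # RFC 4514: backslash-escape these inside an RDN value
FILTER_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\0": r"\00"}


def escape_rdn_value(value: str) -> str:
    """Escape one attribute value for use inside a distinguished name."""
    out = []
    for i, ch in enumerate(value):
        if ch == "\0":
            out.append("\\00")
        elif ch in DN_SPECIAL:
            out.append("\\" + ch)
        elif ch == "#" and i == 0:
            out.append("\\#")          # a leading '#' would mean a hex-encoded value
        elif ch == " " and i in (0, len(value) - 1):
            out.append("\\ ")          # leading/trailing spaces are otherwise dropped
        else:
            out.append(ch)
    return "".join(out)


def escape_filter_value(value: str) -> str:
    """Escape an assertion value for use inside a search filter (RFC 4515)."""
    return "".join(FILTER_ESCAPES.get(ch, ch) for ch in value)


def build_dn(cn: str, ous: list[str], base_dn: str) -> str:
    """Build CN=...,OU=...,<base_dn>; ous is ordered innermost first."""
    rdns = ["CN=" + escape_rdn_value(cn)]
    rdns += ["OU=" + escape_rdn_value(ou) for ou in ous]
    return ",".join(rdns + [base_dn])


def member_of_filter(group_dn: str) -> str:
    """The DN is escaped a second time because it is now a filter value."""
    return "(memberOf=" + escape_filter_value(group_dn) + ")"


def needs_escaping(name: str) -> bool:
    """True when an OU or CN cannot be pasted into a DN or filter verbatim."""
    return escape_filter_value(escape_rdn_value(name)) != name


if __name__ == "__main__":
    dn = build_dn("OpenfireClient", ["Sales, East (HQ)"], "DC=domain,DC=com")
    print(dn)
    print(member_of_filter(dn))
```

Running `needs_escaping` over the OU names in a directory export is a quick way to list the containers worth testing before renaming anything.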