3 Replies Latest reply on May 10, 2017 11:39 AM by Zurgel

How to create group rosters from LDAP people location entries?

Zurgel May 4, 2017 1:48 PM

Hi,

my current setup:

Openfire (latest version, Linux) running with read access to OpenLDAP.

I cannot change the contents of the OpenLDAP server because the LDAP server gets populated by another system.

- The LDAP contains (among other stuff): ou=People and ou=Group

- Base DN used in Openfire is Domain, Top-Level-Domain

- "Group" contains several groups. ldap.groupNameField = cn .

- Openfire uses "users" group. This group contains all user names in the field "memberUid" as a list. ldap.groupMemberField = memberUid

- Since the base DN is so broad, I use a filter: ldap.groupSearchFilter = (cn=users)

- This gives me a group roster in Openfire which contains all users in the "users" group. These are all people in my company.

So far, so good.

What I want to do:

I want to have different group rosters for each branch office. So, separate group rosters for people from New York, from Berlin, from Paris... You get the idea.

- The only place where this information is stored is in ou=People.

- Every uid (every person) contains a field "location".

The big question:

How should I configure Openfire in order to read the LDAP in a way that it creates group rosters for every location?

Re: How to create group rosters from LDAP people location entries?

speedy May 4, 2017 2:14 PM (in response to Zurgel)

This is how I handle groups..but you should be able to add a filter that looks at the "location" attribute

How to Setup Authentication Groups with LDAP/AD
Like Show 0 Likes(0)

Actions
- Re: How to create group rosters from LDAP people location entries?
  
  Zurgel May 9, 2017 12:24 PM (in response to speedy)
  
  Sorry, but I don't know how to do that. I tried many different things but the best result I could get is that for every person in People a group is created which is named like the location. So, ... Paris would be present about 50 times meaning I get 50 Groups that are named - nothing! Nothing because the location name appears several times and it seems that Openfire does not like this very much.
  
  Is it really possible to gather members and add them to a group by means of a ldap filter? It seams to me that Openfire expects a group or several groups in LDAP that contains a list of all users - prepopulated!
  
  If it is possible to get a group only from people entries - without any prepopulated groups - then please enlighten me how I could do this via ldap filters because as far as I got, this does not seem to be possible.
  
  Like Show 0 Likes(0)
  
  Actions
Re: How to create group rosters from LDAP people location entries?

Zurgel May 10, 2017 11:39 AM (in response to Zurgel)

Nothing worked. So... I used mailing lists Groups. Not pretty but it does the job.

A warning / advice:
When you use a full email address as username... you have to exchange the @ in the user name to \40 when you want to login with Pidgin. Otherwise it is not a valid XMPP id.
Like Show 0 Likes(0)

Actions

Go to original post