Laurentiu, Thanks for the reply. I think I figured it out.
With Active Directory the default fieldname that user lookups are performed on is sAMAccountName. Even though I set this in the IM userid field when I originally set up LDAP, that field is not being used by openfire. I added this field to the ofproperty table:

ldap.usernameField = sAMAccountName

When I comment out the section in vi /etc/sipxpbx/sipxopenfire-database.xml to tell sipx not to update the database (and thus erase the field I add) and use sipproc to restart the openfire service, then I can authenticate using my AD credentials.

Can anyone verify this using Active Directory?

Kyle

On Mon, Sep 20, 2010 at 5:34 AM, Laurentiu Ceausescu <lauren...@ezuce.com> wrote:
> Hi,
>
> I've tested ldap openfire (using openLdap server) and it works fine.
> I configured the ldap connection, I checked 'Settings / Instant Messaging
> Authentication' check box and I restarted 'Instant Messaging' service. After
> that, I was able to register two LDAP users and I had a chat between those
> users.
>
> Few notes:
> - I didn't import the LDAP users - openfire works with/without this step;
> - regarding using and not using ldap for instant messaging:
>   it's better to see INSTALL/share/java/sipXecs/sipXopenfire/conf/openfire.xml
>   file instead of /opt/openfire/conf/openfire.xml file -
>   /opt/openfire/conf/openfire.xml is parsed and modified by sipx-openfire;
> - you can enable the openfire console to see the openfire users (including
>   LDAP users) -
>   see http://wiki.sipfoundry.org/display/xecsdev/The+Openfire+admin+console for
>   that;
> - I don't have any entries for ldap.usernameField and ldap.searchFilter in
>   'ofproperty' table from 'openfire' database.
>
> Laurentiu
>
> On Sat, Sep 18, 2010 at 10:10 PM, Kyle Haefner <kyle.haef...@colostate.edu> wrote:
>
> Doug that's what I'm trying to say, the IM mapping under the LDAP setup
> never makes it to the openfire configs at least for me. I have the IM user
> set to sAMAccount in the LDAP setup, but that property IM username, never
> shows up in the ofproperty table when LDAP is enabled. If I setup a
> standalone openfire server and map the settings to LDAP then my pidgin client
> is authenticated and connects fine. Do you see the username mapping in your
> tables?
>
> On Sep 17, 2010 8:05 PM, "Douglas Hubler" <dhub...@ezuce.com> wrote:
> On Fri, Sep 17, 2010 at 5:57 PM, Kyle Haefner <kyle.haef...@colostate.edu> wrote:
>
>> Has anyone had any success getting openfire to auth against AD? I'm
>> convinced it is broken. I ...
>
> what do you mean specifically by "try openfire as configured by sipx
> it never works"?
> what IM client are you using?
> what is the error message the client shows?
> did you import your users?
> did you map a field to IM handle?
>
>> Some things I noticed about the sipx ofproperty database:
>>
>> 1. There is no setting for ldap.use...
>
> Laurentiu may be able to explain what you should see in the XML.
>
> _______________________________________________
> sipx-users mailing list
> sipx-us...@list.sipfoundry.o...
> List Archive: http://list.sipfoundry.org/archive/sipx-users/
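
Why the missing ofproperty row blocks AD logins, as an added illustration that is not part of the thread and is not Openfire or sipXecs code: it models the ofproperty rows as a dict and the directory as constructed entries, and assumes Openfire falls back to `uid` when `ldap.usernameField` is absent and that the AD user objects have no `uid` value. All function names and sample entries are hypothetical.

```python
# Added illustration; constructed data, not Openfire or sipXecs code.
# Constructed AD-style user entries: login name lives in sAMAccountName,
# and no uid attribute is populated (assumption, typical for AD).
AD_ENTRIES = [
    {"dn": "CN=Kyle Example,OU=Staff,DC=example,DC=edu",
     "sAMAccountName": "kexample", "cn": "Kyle Example"},
    {"dn": "CN=Dana Sample,OU=Staff,DC=example,DC=edu",
     "sAMAccountName": "dsample", "cn": "Dana Sample"},
]

ASSUMED_DEFAULT_FIELD = "uid"  # assumed fallback when the property row is missing


def escape_filter_value(value):
    """Escape a value for use in an LDAP search filter (RFC 4515)."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)


def build_filter(username_field, login):
    """Equality filter a server would search with for this login."""
    return "(%s=%s)" % (username_field, escape_filter_value(login))


def find_user_dn(entries, username_field, login):
    """Case-insensitive equality match on one attribute; None if no entry matches."""
    for entry in entries:
        value = entry.get(username_field)
        if value is not None and value.lower() == login.lower():
            return entry["dn"]
    return None


def diagnose(properties, entries, login):
    """Report which attribute is searched and whether a DN is found to bind as."""
    field = properties.get("ldap.usernameField", ASSUMED_DEFAULT_FIELD)
    dn = find_user_dn(entries, field, login)
    return {"field": field, "filter": build_filter(field, login),
            "dn": dn, "can_bind": dn is not None}


if __name__ == "__main__":
    # Row absent (as in the thread), then row added by hand.
    for props in ({}, {"ldap.usernameField": "sAMAccountName"}):
        print(diagnose(props, AD_ENTRIES, "kexample"))
```
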