Work in progress, but so far…
CentOS 6.0, 64-bit — had to add libldb.i686 for the JVM
Openfire 3.7.0
Name : mysql
Arch : x86_64
Version : 5.1.52
Release : 1.el6_0.1
Server set-up
http://127.0.0.1:9090 for the initial configuration; once setup is complete the admin GUI is the TLS listener at https://127.0.0.1:9091 (9091 is HTTPS only, so an http:// URL against it will not work)
I opened the following firewall ports:
22 – SSH
5222 – XMPP client connections (STARTTLS is negotiated on this same port)
7777 – file transfer proxy
9090 – plain-HTTP admin console; this can be blocked after configuration, as port 9091 is used thereafter for admin. To switch the HTTP listener off in Openfire itself rather than just firewalling it, set the port value under adminConsole in conf/openfire.xml to -1 (leave securePort at 9091) and restart.
9091 – HTTPS admin console; as this is the management interface, limit it to admin workstations rather than opening it to every client
JVM
Increase JVM memory by adding DAEMON_OPTS="-Xms256m -Xmx512m" to /etc/sysconfig/openfire, then restart Openfire
Connection Settings
baseDN: dc=foo,dc=local
adminDN: cn=mr.foo,cn=Users,dc=foo,dc=local — mr.foo@foo.local also worked for me. Despite the name, this account only needs read access to the users and groups Openfire will look up, so use a dedicated read-only service account rather than a domain admin; its bind password is held server-side in the Openfire configuration, which is another reason to keep its privileges minimal.
User Mapping
Username Field: sAMAccountName
Search Fields — I left this blank
Advanced Settings > User Filter: (&(objectClass=organizationalPerson)(mail=*)) — adds everybody with an email address; anyone with no mail attribute in AD will not be added
or (&(objectClass=organizationalPerson)(cn=*)) — adds everyone with a name (cn) entry in AD. Note that in AD computer accounts also carry organizationalPerson in their objectClass chain, and disabled accounts still have a cn, so this broader filter pulls both in unless you exclude them explicitly.
Group Mapping
Group Field: cn — the default
Member Field: member — the default
Description: description — the default
Advanced Settings > Group Filter: (&(objectClass=group)(cn=MrFoo_GroupDivision)) — I had created a test group in AD; this filter restricts group import to that one group only
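As an added example (not from these notes and not Openfire's own code), the Python below evaluates the user filters and the group filter above against a small constructed set of AD-style entries, so you can see which accounts each filter would actually sync. The sample accounts, their attribute values and the hardened filter variant are all assumed for illustration; the bit-AND matching rule OID is the real one AD uses. It shows the gotcha that (cn=*) also selects the computer account and the disabled account, since both still match objectClass=organizationalPerson, and what a filter that excludes them looks like.

```python
"""Added example: evaluate Openfire LDAP user/group filters against sample AD entries.

Not from the original notes or from Openfire. A minimal RFC 4515 evaluator
covering what the filters on this page use: (&...), (|...), (!...),
presence (attr=*), equality, and AD's bit-AND extensible match, which is
the usual way to exclude disabled accounts. No escapes or wildcards.
"""

BIT_AND = "1.2.840.113556.1.4.803"  # LDAP_MATCHING_RULE_BIT_AND (real AD OID)
UAC_ACCOUNTDISABLE = 2               # userAccountControl bit set on disabled accounts

# Constructed sample directory. objectClass is multi-valued in AD and holds the
# whole class chain, so a computer account is also an organizationalPerson.
PERSON = ["top", "person", "organizationalPerson", "user"]
SAMPLE_ENTRIES = [
    {"sAMAccountName": "mr.foo", "cn": "mr.foo", "mail": "mr.foo@foo.local",
     "objectClass": PERSON, "userAccountControl": 512},
    {"sAMAccountName": "svc-backup", "cn": "svc-backup",        # no mail attribute
     "objectClass": PERSON, "userAccountControl": 512},
    {"sAMAccountName": "old.staff", "cn": "old.staff", "mail": "old.staff@foo.local",
     "objectClass": PERSON, "userAccountControl": 514},         # 512 | ACCOUNTDISABLE
    {"sAMAccountName": "WS01$", "cn": "WS01",                   # workstation account
     "objectClass": PERSON + ["computer"], "userAccountControl": 4096},
    {"sAMAccountName": "MrFoo_GroupDivision", "cn": "MrFoo_GroupDivision",
     "objectClass": ["top", "group"], "member": ["CN=mr.foo,CN=Users,DC=foo,DC=local"]},
]


def parse(text):
    """Parse a filter string into a tuple tree; raises ValueError on junk."""
    node, rest = _parse(text.strip())
    if rest:
        raise ValueError("trailing text after filter: " + rest)
    return node


def _parse(s):
    if not s.startswith("("):
        raise ValueError("expected '(' at: " + s)
    s = s[1:]
    if s[:1] in ("&", "|"):
        op, s = s[0], s[1:]
        kids = []
        while s.startswith("("):
            kid, s = _parse(s)
            kids.append(kid)
        if not s.startswith(")"):
            raise ValueError("unterminated " + op)
        return (op, kids), s[1:]
    if s[:1] == "!":
        kid, s = _parse(s[1:])
        if not s.startswith(")"):
            raise ValueError("unterminated !")
        return ("!", kid), s[1:]
    end = s.index(")")
    attr, value = s[:end].split("=", 1)      # "attr:OID:=value" keeps the OID in attr
    return ("=", attr, value), s[end + 1:]


def matches(node, entry):
    """True if the entry satisfies the parsed filter (AD-style, case-insensitive)."""
    kind = node[0]
    if kind == "&":
        return all(matches(k, entry) for k in node[1])
    if kind == "|":
        return any(matches(k, entry) for k in node[1])
    if kind == "!":
        return not matches(node[1], entry)
    _, attr, value = node
    if attr.endswith(":"):                    # extensible match: attr:OID:=value
        attr, rule, _ = attr.split(":")
        if rule != BIT_AND:
            raise ValueError("unsupported matching rule " + rule)
        actual = entry.get(attr)
        return actual is not None and (int(actual) & int(value)) == int(value)
    actual = entry.get(attr)
    if actual is None:
        return False                          # absent attribute never matches
    if value == "*":
        return True                           # presence test
    values = actual if isinstance(actual, list) else [actual]
    return any(str(v).lower() == value.lower() for v in values)


def matching_accounts(filter_text, entries=SAMPLE_ENTRIES):
    """sAMAccountNames Openfire would import under this filter, in directory order."""
    node = parse(filter_text)
    return [e["sAMAccountName"] for e in entries if matches(node, e)]


# The two user filters and the group filter from the notes, plus a hardened user
# filter (assumed, not from the notes) that drops computer and disabled accounts.
FILTER_MAIL = "(&(objectClass=organizationalPerson)(mail=*))"
FILTER_CN = "(&(objectClass=organizationalPerson)(cn=*))"
FILTER_GROUP = "(&(objectClass=group)(cn=MrFoo_GroupDivision))"
FILTER_HARDENED = ("(&(objectClass=user)(!(objectClass=computer))"
                   "(!(userAccountControl:%s:=%d))(mail=*))" % (BIT_AND, UAC_ACCOUNTDISABLE))

if __name__ == "__main__":
    for name, f in [("mail", FILTER_MAIL), ("cn", FILTER_CN),
                    ("group", FILTER_GROUP), ("hardened", FILTER_HARDENED)]:
        print("%-9s %s" % (name, matching_accounts(f)))
```

Run it and the cn filter lists WS01$ and the disabled old.staff alongside the real users, the mail filter still lists old.staff, and only the hardened filter reduces the import to the live user account. Against a real directory the filter text goes straight into Openfire's User Filter field as shown; the evaluator only exists to check the filter's logic before you point it at a 1000+ user tree.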
Some of my notes for setting up Openfire 3.7.0 on CentOS 6.0 64-bit with Active Directory, and some of the gotchas.
1) If you have more than 1000 AD user entries (I did), the drop-down option in the management GUI lets you sort by 1000 (“Total Users: 1,000 — Sorted by Username — Users per page: 1000”) … well, it doesn’t work. It will display 1000 users, but if you have more you are not offered any way via the GUI to view the next 1000: no little arrow to click forward, no page number 2, etc. I believe there is a fix for this though, I read it somewhere; the property to add is in the note further down.
2) Getting locked out (not the old bug that seemed to exist in v3.6.4) after editing. Okay, everything was ticking along nicely: I added myself as the “Administrator” user for Openfire and it allowed me to do everything one expected. I rebooted the server and stopped/started Openfire to test that everything came back up; it did, I could still log in as Admin, all working perfectly. I then did the following and got locked out.
Openfire > Server > Server Manager > System Properties: I wanted to edit ldap.searchFilter, so I clicked the “Edit” icon, made my edit and saved, restarted Openfire, and then I couldn’t log in to Openfire. The login page was displayed, but it refused to accept my credentials; I tried stop/start again, all to no avail. In the end I decided to start over, as it only takes a few minutes to configure Openfire (it might have been possible to delete/change the MySQL DB directly, I couldn’t be bothered), so I just set “true” to “false” (the setup flag in openfire.xml) and restarted from scratch. Just to test, I did the same thing again, edited the field, and got locked out again, so this could be a bug.
Okay, this is what you need to do if you have more than 1000 AD/LDAP entries.
Go to Server > Server Manager > System Properties > Add new property
And add the following:
Property Name: ldap.pagedResultsSize
Property Value: 1000 (this is also Active Directory’s default MaxPageSize, the most it will return per page)
Stop and start Openfire and you should now have more entries in the drop-down menu, plus clickable page numbers.