Hello hrothgar,
Thanks for the info.
-
We had encountered the limit issue with Wildfire with some particularly large groups, and found that over 1000 member limit due to the paging issue it does not show these additional users. We split them (and keep doing so) whenever that issue arises…unless the amount of users and behaviour has changed with Openfire (groups aren’t at 1000+ members, and usually doesnt show ANY users in that group when the limit is hit).
-
The users appear normal, I’ve even used an LDAP browser to compare anything that LDAP may be picking up. Nothing out of the normal. The example I have below is actually one of our more simple roles in our organization, nothing complex at all, just one Openfire group that they need.
-
Debug log shows the following for LDAP (sorry for the size but don’t want to miss anything):
2008.01.30 12:45:14 XMPPCallbackHandler: NameCallback: aandrews
2008.01.30 12:45:14 XMPPCallbackHandler: VerifyPasswordCallback
2008.01.30 12:45:14 LdapManager: Trying to find a user’s DN based on their username. sAMAccountName: aandrews, Base DN: dc=backoffice;dc=company;dc=com…
2008.01.30 12:45:14 LdapManager: Creating a DirContext in LdapManager.getContext()…
2008.01.30 12:45:14 LdapManager: Created hashtable with context values, attempting to create context…
2008.01.30 12:45:14 LdapManager: … context created successfully, returning.
2008.01.30 12:45:14 LdapManager: Starting LDAP search…
2008.01.30 12:45:14 LdapManager: … search finished
2008.01.30 12:45:14 LdapManager: In LdapManager.checkAuthentication(userDN, password), userDN is: CN=“Andrews, Anne”,OU=“Remote Instructors Domain Accounts”,OU=“Ed Services”,OU=“Operations”,OU=“v2”…
2008.01.30 12:45:14 LdapManager: Created context values, attempting to create context…
2008.01.30 12:45:14 LdapManager: … context created successfully, returning.
2008.01.30 12:45:14 XMPPCallbackHandler: AuthorizeCallback
2008.01.30 12:45:14 AuthorizationManager: Trying Default Mapping.map(aandrews)
2008.01.30 12:45:14 DefaultAuthorizationMapping: No realm found
2008.01.30 12:45:14 XMPPCallbackHandler: no username requested, using aandrews
2008.01.30 12:45:14 AuthorizationManager: Trying Default Policy.authorize(aandrews , aandrews)
2008.01.30 12:45:14 DefaultAuthorizationPolicy: Checking authenID realm
2008.01.30 12:45:14 LdapManager: Trying to find a user’s DN based on their username. sAMAccountName: aandrews, Base DN: dc=backoffice;dc=company;dc=com…
2008.01.30 12:45:14 LdapManager: Creating a DirContext in LdapManager.getContext()…
2008.01.30 12:45:14 LdapManager: Created hashtable with context values, attempting to create context…
2008.01.30 12:45:14 LdapManager: … context created successfully, returning.
2008.01.30 12:45:14 LdapManager: Starting LDAP search…
2008.01.30 12:45:14 LdapManager: … search finished
2008.01.30 12:45:14 LdapManager: Trying to find a user’s DN based on their username. sAMAccountName: aandrews, Base DN: dc=backoffice;dc=company;dc=com…
2008.01.30 12:45:14 LdapManager: Creating a DirContext in LdapManager.getContext()…
2008.01.30 12:45:14 LdapManager: Created hashtable with context values, attempting to create context…
2008.01.30 12:45:14 LdapManager: … context created successfully, returning.
2008.01.30 12:45:14 LdapManager: Starting LDAP search…
2008.01.30 12:45:14 LdapManager: … search finished
2008.01.30 12:45:14 LdapManager: Creating a DirContext in LdapManager.getContext()…
2008.01.30 12:45:14 LdapManager: Created hashtable with context values, attempting to create context…
2008.01.30 12:45:14 LdapManager: … context created successfully, returning.
2008.01.30 12:45:14 XMPPCallbackHandler: aandrews authorized to aandrews
2008.01.30 12:45:14 LdapManager: Trying to find a user’s DN based on their username. sAMAccountName: aandrews, Base DN: dc=backoffice;dc=company;dc=com…
2008.01.30 12:45:14 LdapManager: Creating a DirContext in LdapManager.getContext()…
2008.01.30 12:45:14 LdapManager: Created hashtable with context values, attempting to create context…
2008.01.30 12:45:14 LdapManager: … context created successfully, returning.
2008.01.30 12:45:14 LdapManager: Starting LDAP search…
2008.01.30 12:45:14 LdapManager: … search finished
2008.01.30 12:45:14 LdapManager: Creating a DirContext in LdapManager.getContext()…
2008.01.30 12:45:14 LdapManager: Created hashtable with context values, attempting to create context…
2008.01.30 12:45:14 LdapManager: … context created successfully, returning.
2008.01.30 12:45:14 Trying to find group names for user: aandrews@im.company.com using query: (&(&(cn=*)(&(objectCategory=CN=Group,CN=Schema,CN=Configuration,DC=backoffice,D C=company,DC=com)(memberOf=CN=SG.Jabber.Groups,OU=Jabber,OU=_Other,OU=v2,DC=back office,DC=company,DC=com)))(member=CN=“Andrews, Anne”,OU=“Remote Instructors Domain Accounts”,OU=“Ed Services”,OU=“Operations”,OU=“v2”,dc=backoffice;dc=company;dc=com))
2008.01.30 12:45:15 LdapManager: Trying to find a user’s DN based on their username. sAMAccountName: aandrews, Base DN: dc=backoffice;dc=company;dc=com…
2008.01.30 12:45:15 LdapManager: Creating a DirContext in LdapManager.getContext()…
2008.01.30 12:45:15 LdapManager: Created hashtable with context values, attempting to create context…
2008.01.30 12:45:15 LdapManager: … context created successfully, returning.
2008.01.30 12:45:15 LdapManager: Starting LDAP search…
2008.01.30 12:45:15 LdapManager: … search finished
2008.01.30 12:45:15 LdapManager: Trying to find a user’s DN based on their username. sAMAccountName: aandrews, Base DN: dc=backoffice;dc=company;dc=com…
2008.01.30 12:45:15 LdapManager: Creating a DirContext in LdapManager.getContext()…
2008.01.30 12:45:15 LdapManager: Created hashtable with context values, attempting to create context…
2008.01.30 12:45:15 LdapManager: … context created successfully, returning.
2008.01.30 12:45:15 LdapManager: Starting LDAP search…
2008.01.30 12:45:15 LdapManager: … search finished
2008.01.30 12:45:15 LdapManager: Creating a DirContext in LdapManager.getContext()…
2008.01.30 12:45:15 LdapManager: Created hashtable with context values, attempting to create context…
2008.01.30 12:45:15 LdapManager: … context created successfully, returning.
I’ve highlighted in red, where I suspect an issue may be occuring?
In response to chertz’s post, could the extra appended ampersand be affecting this particular query? To resolve this, can I just remove my ampersand and Openfire will automatically “append” the ampersand? Then after this bug is fixed I will just need to add it back, like a normal query?
Thanks for your help so far guys.