Jabber and Active Directory

I have been looking for corporate chat solutions for the last couple of days. There are many good solutions out there, but most of them are commercial and I didn’t feel like paying for a chat server. During the IP4IT conference, I had a chance to meet Peter Saint-Andre and we spent some time talking about the future of voice communications and Jabber.

I decided to give Jabber a try and see what it can do for inter-office and remote communication. I selected Wildfire to be the Jabber server, since it had more features and easier administration than others. The installation was painless - I installed with RPM and it placed everything in /opt/wildfire. Not a preferable location for me, but what the heck, I was just testing. The next step was reading the LDAP Guide to make Wildfire work with the Active Directory. The web administration is too simple and does not yet allow specifying LDAP settings, so I had to manually modify the configuration file. This was the most painful process. The documentation for Wildfire does not include specific instructions for AD and I had to do my own research to find out what needed to be done. Gladly, the Wildfire community is quite large and I was able to find answers to my questions fairly quickly.

The Jabber server is up and running now. The AD integration is working great and I’m even able to create employee roster lists via AD Groups! This means that everyone who installs the Jabber client will automatically see all employees in their buddy list without having to add anyone, one by one.

I selected NeOS as the Jabber client because it has more features than Gaim for Jabber. With NeOS we are now able to share whiteboards and initiate video/audio conferencing (although I’m not sure if we’ll ever need those). Have been testing the software for a day now and we’re pretty happy with it. Not a bad result, having spent just a couple of hours on installation :)

A lot of users asked me to post my working configuration - here it is :) It looks a little different than my version because I stripped out all the comments and removed the sensitive information such as passwords, etc. Most important things to remember:

1) Make sure that the AD server name can be resolved by your Jabber server.
2) Modify baseDN entry to match your full domain name. If the domain is ‘internal.crap.net’, baseDN should be: “dc=internal,dc=crap,dc=net”.
3) Make sure that the “adminDN” line is correct in your AD structure. In my config the AD admin account is “Wildfire Administrator” and the account is in “Administrators” group.
4) You should have a Global Security Group called “Corporate List” with all the users you want to see in Jabber. This group is under “Users” in your AD structure. If it’s in a different location, make sure to modify the “searchfilter” and “groupsearchfilter” lines.
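
A pre-flight check for the points above, as an added example that is not part of the original post or of Wildfire: it derives the baseDN from the domain name, builds the roster group DN and a filter with RFC 4514/4515 escaping, and checks that the AD host resolves. The function names, the `cn=Users` container default and the memberOf-style filter are assumptions; `dc1.internal.crap.net` is a constructed host name.

```python
import socket

def escape_dn_value(value):
    """Escape an attribute value for use inside a DN (RFC 4514)."""
    out = []
    for i, ch in enumerate(value):
        edge = (i == 0 and ch in " #") or (i == len(value) - 1 and ch == " ")
        out.append("\\" + ch if ch in ',+"\\<>;' or edge else ch)
    return "".join(out)

def escape_filter_value(value):
    """Escape a value for use inside a search filter (RFC 4515)."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def domain_to_base_dn(domain):
    """'internal.crap.net' -> 'dc=internal,dc=crap,dc=net' (point 2)."""
    labels = domain.strip().rstrip(".").split(".")
    if not all(labels):
        raise ValueError("empty label in domain name: %r" % domain)
    return ",".join("dc=" + escape_dn_value(label) for label in labels)

def group_dn(group, base_dn, container="cn=Users"):
    """DN of the roster group (point 4). The default AD 'Users' folder is a
    container (cn=Users), not an OU; pass container='ou=...' if it was moved."""
    return "cn=%s,%s,%s" % (escape_dn_value(group), container, base_dn)

def member_filter(group_dn_value):
    """Filter matching direct members of the group (assumed memberOf style)."""
    return "(memberOf=%s)" % escape_filter_value(group_dn_value)

def resolves(host, port=389):
    """Point 1: can this machine resolve the AD server name?"""
    try:
        return bool(socket.getaddrinfo(host, port))
    except (socket.gaierror, UnicodeError):
        return False

if __name__ == "__main__":
    ad_host = "dc1.internal.crap.net"   # constructed host name
    base = domain_to_base_dn("internal.crap.net")
    roster = group_dn("Corporate List", base)
    print("baseDN      :", base)
    print("group DN    :", roster)
    print("searchfilter:", member_filter(roster))
    print("AD resolves :", resolves(ad_host))
```

Run it on the Jabber server itself, so the name resolution result reflects what Wildfire will see.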

Posted by MegaZ on 12/22/2005.

6 Responses to “Jabber and Active Directory”

  1. keetano Says:

    Oh! You keep a blog too! :)

  2. Jared T Says:

    Please post what you did to get AD working with Wildfire.
    Thanks

  3. Deano Says:

    I’m just going through the same configuration, only with the Windows version. I’d be interested in seeing your final wildfire.xml file.

  4. Kyle Says:

    Hey there

    I am a student in IT. I am currently doing a project on making a support system and having trouble integrating Wildfire with Active Directory and was wondering if you could help me with the problem.

    Hope to hear from you

    Kyle

  5. Curious User Says:

    Could you publish your wildfire.xml file so we could learn from it?

  6. bob Says:

    To give you an idea of how to do the LDAP entries… for the Base DN on SBS 2003 you could do:

    ou=SBSUsers,ou=Users,ou=MyBusiness;dc=domain,dc=internal

    and for the admin dn you could do:

    cn=openfire,ou=SBSUsers,ou=Users,ou=MyBusiness,dc=domain,dc=internal

    The OUs “go backwards”, if you will… In SBS, users are stored in \MyBusiness\Users\SBSUsers… In the above I created an openfire user in the SBSUsers folder.
