Its quite easy to get openfire and spark messenger to authenticate with Zimbra’s OpenLDAP by selecting OpenLDAP directory server during initial openfire setup.  One of the biggest drawbacks is that the groups feature will not be available.  Group feature is important for enterprises with large number of users and wnat to provide preset groups in spark like IT, HR, Sales etc.

The following configuration will allow you to use group features offered by openfire and also allow you to authenticate with  Zimbra’s OpenLDAP.

1. Openfire setup: When setting up openfire for the first time, use the Default user and groups database in the Profile Settins page.  Do no select LDAP directory provider.

2. Admin setup:  After setup, login to the openfire admin, go to Server Manger -> System Properties

3. Change the value of property provider.auth.className to be org.jivesoftware.openfire.ldap.LdapAuthProvider .    We are basically telling Openfire to use Ldap Authentication provider java class instead of the default.

4. Add these two new property values :

ldap.host = <your LDAP host name>
ldap.baseDN = dc=<ldap doman>,dc=com

5.  IMPORTANT: Add a new admin user in openfire that can be validated against the LDAP server.  Without this you may not be able to login back to openfire.

Thats it.   If everything is right, you should now be able to login to spark using your ldap credentials.

Please note:  To use the user and group features, you will need to add all ldap users into openfire.   You will have to manually add the users into openfire, but I am sure that a small java or perl script can easily  populate the “ofUser” table in openfire’s database from LDAP.

This has not been very thorughly tested, but initial experiments seem to work.  Please post your comments and suggestions.

This entry was posted by Shibu Basheer on Friday, April 10th, 2009 at 7:14 pm and is filed under Categorized, linux. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.