Help getting OpenFire to connect to Active Directory

Posted on 2013-06-24
Medium Priority
Last Modified: 2013-07-05
Hello All,

I'm having a terrible time getting OpenFire to connect to my Active Directory.  I have created a domain called ntdcctest.com.  My domain controller is named DC1.  I have renamed my administrator account to NICK.

In the profile settings of the setup, I'm using the following:

Server type = Active Directory

Host = dc1.ntdcctest.com


Base DN = cn=users,dc=ntdcctest,dc=com

Administrator DN = cn=nick,cn=users,dc=ntdcctest,dc=com

Password = my password

When I test the settings, I don't get any error messages so I'm assuming the test was successful.

I get to the point where I have to add an administrator, and nothing I add here works. I have tried:




I have verified my LDAP users container is cn=users,dc=ntdcctest,dc=com using the PowerShell cmdlet Get-ADDomain.

I have verified that the distinguished name of my account is cn=nick,cn=users,dc=ntdcctest,dc=com using the PowerShell cmdlet Get-ADUser nick.

Everything I have found on Google and in the various postings indicates that cn=nick,cn=users,dc=ntdcctest,dc=com should be working.  What am I doing wrong here?  Any help would be greatly appreciated.

Thanks in advance,

Nick D.
Question by:ndalmolin_13

Accepted Solution

Leon Fester earned 2000 total points
ID: 39274040
What error do you get when you try to add your administrator?
Take the guesswork out of the LDAP connection by using ldp.exe to test the connection.
It's available in the support kit.

Expert Comment

ID: 39274608

According to the LDAP Guide for OpenFire:

By default, Active Directory does not allow anonymous LDAP connections. Therefore, you'll need to enter the DN of a user that's allowed to connect to the server and read all user and group data. Unless you've created a special user account for this purpose, an easy choice is to use the built-in administrator account. By default, the administrator DN is in the form cn=Administrator,dc=<Your Domain>. Using our previous example, cn=Administrator,cn=users,dc=activedirectory,dc=jivesoftware,dc=com.

In your case:


This is the DN you are providing; there is nothing here in the DN that makes LDAP understand that you are an administrator. Got it?

The easy choice is to use the built-in administrator account.

Hope that helps :)

Author Comment

ID: 39276413
Hello All,

These are the settings that I got to work:

Server type = Active Directory

Host = dc1.ntdcctest.com


Base DN = dc=ntdcctest,dc=com

When I added the administrator, I just used:  Nick
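
One way to check, outside the OpenFire setup wizard, which directory entry a short name such as Nick resolves to under each Base DN tried in this thread, using the same bind DN. This is an added example, not code from the thread or from OpenFire; `Test-LdapUserLookup` is a hypothetical helper, and it assumes the short name is matched against the sAMAccountName attribute.

```powershell
# Added example; Test-LdapUserLookup and its parameter names are hypothetical.
Add-Type -AssemblyName System.DirectoryServices.Protocols

function Test-LdapUserLookup {
    param(
        [Parameter(Mandatory)] [string]       $LdapHost,
        [Parameter(Mandatory)] [string]       $BindDN,
        [Parameter(Mandatory)] [securestring] $BindPassword,
        [Parameter(Mandatory)] [string]       $BaseDN,
        [Parameter(Mandatory)] [string]       $UserName,
        [switch] $UseSsl
    )
    $ns = 'System.DirectoryServices.Protocols'
    # A simple bind on 389 sends the password unencrypted; -UseSsl uses LDAPS (636),
    # which requires a server certificate on the domain controller.
    $port = if ($UseSsl) { 636 } else { 389 }
    $id   = New-Object "$ns.LdapDirectoryIdentifier" -ArgumentList $LdapHost, $port
    $cred = New-Object System.Net.NetworkCredential -ArgumentList $BindDN, $BindPassword
    $auth = [System.DirectoryServices.Protocols.AuthType]::Basic
    $conn = New-Object "$ns.LdapConnection" -ArgumentList $id, $cred, $auth
    $conn.SessionOptions.ProtocolVersion   = 3
    $conn.SessionOptions.SecureSocketLayer = [bool]$UseSsl
    try {
        $conn.Bind()   # throws LdapException if the bind DN or password is rejected

        # Escape LDAP filter metacharacters in the name (RFC 4515), backslash first.
        $safe   = $UserName.Replace('\', '\5c').Replace('*', '\2a').Replace('(', '\28').Replace(')', '\29')
        $scope  = [System.DirectoryServices.Protocols.SearchScope]::Subtree
        $attrs  = [string[]]@('sAMAccountName')
        $req    = New-Object "$ns.SearchRequest" -ArgumentList $BaseDN, "(sAMAccountName=$safe)", $scope, $attrs
        $resp   = $conn.SendRequest($req)

        if ($resp.Entries.Count -eq 0) {
            Write-Warning "No entry with sAMAccountName '$UserName' under $BaseDN"
        }
        foreach ($entry in $resp.Entries) {
            [pscustomobject]@{
                BaseDN = $BaseDN
                Login  = [string]$entry.Attributes['sAMAccountName'][0]
                DN     = $entry.DistinguishedName
            }
        }
    } finally { $conn.Dispose() }
}

# Usage with the values from this thread (prompts for the bind password):
# $pw = Read-Host 'Bind password' -AsSecureString
# foreach ($base in 'cn=users,dc=ntdcctest,dc=com', 'dc=ntdcctest,dc=com') {
#     Test-LdapUserLookup -LdapHost dc1.ntdcctest.com -BindDN 'cn=nick,cn=users,dc=ntdcctest,dc=com' `
#         -BindPassword $pw -BaseDN $base -UserName nick }
```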
