User not showing up in OpenFire group

troyt · May 16, 2012, 5:25pm

I’m on OpenFire 3.7 using external postgres database and LDAP/AD integration on Linux build.

1 single user in my TechGroup is not showing up under Groups in OpenFire admin console.

My TechGroup in AD contains 40 members including him. However, under Groups in OpenFire it is showing 39.

When I add a new user. AD contains 41 members and under Groups in OpenFire it is showing 40.

For some strange reason, OpenFire is not syncing over ONLY his account.

I deleted his account from Active Directory and recreated it and readd him back in the TechGroup in AD. Same result.

I rebuilt a secondary OpenFire server and he does show up correctly.

I cleared the User and Roster cache still same result on the primary OpenFire server.

Why is OpenFire not syncing just his account? Is there a way to clear his account out of the database even though it is AD integrated?

Any help will be appreciated! Thanks.

speedy · May 17, 2012, 5:17pm

check his AD account and make sure your ldap user account has permissions to read his objects.

troyt · May 17, 2012, 5:32pm

When I do an user search in OpenFire, all the groups that he is apart of appear (for example: TechGroup, Engineer). (Pulls from Active Dir correctly)

When I do a group search in OpenFire and select TechGroup and Engineer, he is not listed.

In Active Directory, he is listed as a member of those groups. (OpenFire pulls group from AD but missing that single user??)

I rebuilt a secondary test OpenFire server with same LDAP settings and he appears correctly. I want to resolve this on the primary OpenFire server and I think it’s something either in the database that is preventing OpenFire to pull that user correctly??

speedy · May 17, 2012, 5:54pm

the issue sounds like a permissions problem with the individual users AD account. Has nothing to do with openfire or group membership

CharleStephen · May 17, 2012, 8:05pm

This seems highly unlikely as being true given that there are several forum posts (many of which have been archived) from versions of OpenFire going back years that have the exact same problem.

speedy · May 18, 2012, 12:37am

all I know is when I ran into a similar issue with a couple of users, it turned out to be a permissions issue.

Its easy enough to test. Temporarly give the account you used for ldap binding domain admin rights. After doing so, restart openfire and see if the missing user shows up. If he does, then its a permissions issue. if not, then its probably something else.

Ryan_Vermeys1 · July 19, 2012, 6:43pm

Updating to 3.7.1 fixed this exact issue for me. See the following: http://issues.igniterealtime.org/browse/OF-112

Hope this helps.

johan_ericka · August 3, 2012, 4:16am

hi all,

i’m currently on openfire 3.7.0 beta and face same issues.

what i do (so far)

creating group
check Enable users to register via a web page at http://mychatserver.com:9090/plugins/registration/sign-up.jsp in User Registration Properties

results :

new user can sign up by fill in web based form (mentioned above)
new user appear in User Summary (openfire web management)
new user’s roster have list of all user in group
new user can see some of user in group (those user was add their friends manually) ==> let’s call them “old friends”
new user can chat with “old friends” (descibed above) but new user does not appear in “old friend” list
new user CAN NOT chat with another new user (even add them manually)
new user not listed in offline group

and the question is :

how to automagically add all user (new & old) to all user list so they can starting chat to each others ? (their roster have this list but not their friend list in chat client)

ps :

i don’t have any authorities to update openfire
tested using pidgin & trilliant chat client

any clue will be appreciated

Chris_Gilbert · October 9, 2012, 9:18am

Hi All,

I encountered this same problem. I managed to solve it by deleting the user’s identical contact record from our AD. The particular user had previously been working for one of our customers, so was already present in our contact records section of the AD with the same name. This appeared to be confusing one of the searches. Once I deleted the contact, he magically started appearing in the group membership (after clearing the group caches).

Hope this helps someone.

thanks,

Chris

Boris_Meyer · January 28, 2013, 9:24am

I have the the same problem.

I was wondering why only a few users appeared in “Domain Users”

I have changed the users primaryGroupID from “Domain Users” to something else and there they were.

Simple: The primary group the user is stored in won’t list him as a part of this group.

Filter is not:

Users Groups

More like:

getGroupFromID(primaryGroupID) AND Users Groups

Vinh · December 12, 2013, 8:44pm

Has anyone found a solution to this issue? I am experiencing the same problem. Users have an admin account and a regular account and I can not get one of them to show up. The account logon name is different but all other information is the same such as first name, last name, etc.