How to Change from LDAP Back to Local MySQL Stored Accounts

Howdy,

I’ve installed Openfire 3.10.2 and have it working well. However, due to policies here I need to change the user accounts from using LDAP back to local MySQL stored accounts.

Is there a way to do this that won’t require a reinstall of Openfire?

Under Server Settings -> Profile Settings the radio button to switch from LDAP to Default is grayed out.

Do I just need to modify these four System Manager -> System Properties, and if so, what’s the correct values?

provider.auth.className

org.jivesoftware.openfire.ldap.LdapAuthProvider

provider.group.className

org.jivesoftware.openfire.ldap.LdapGroupProvider

provider.user.className

org.jivesoftware.openfire.ldap.LdapUserProvider

provider.vcard.className

org.jivesoftware.openfire.ldap.LdapVCardProvider

Looks like the default values are here:

Openfire: Custom Database Integration Guide

provider.auth.className – org.jivesoftware.openfire.auth.JDBCAuthProvider

provider.group.className – org.jivesoftware.openfire.group.JDBCGroupProvider

provider.user.className – org.jivesoftware.openfire.user.JDBCUserProvider

provider.vcard.className – Not in the doc referenced – org.jivesoftware.openfire.user.JDBCVcardProvider ???

Does this look correct, anything missing?

First, maybe you should remove links and images pointing to your server domain in the first post.

Why do you want to switch instead of reinstalling? When LDAP was in use, users were coming from LDAP. If you somehow switch to local database, then users won’t stay in there. They will disappear. So clean install in my opinion is the same effect, but is much better than trying to hack it now.

A clean install is literally 5 - 10 minutes of work. Just do that. Are you using Linux or Windows?

If Ubuntu / Debian

$ sudo apt-get remove --purge openfire

$ sudo dpkg -i openfire_3.10.2_all.deb

Then run through the web config again.

If you are storing to the built-in database the whole process is 5 minutes at most. If you are using an external db, then maybe 10 mins but it isn’t that much harder. See my guide here: Guide / Tutorial / Writeup / Walkthrough / How to: Setting up Openfire 3.10.2 with a PostgreSQL DB, Active Directory / LDAP integration, and a Wildcard SSL Certificate

You can just stop after Step 7 if you don’t want to use LDAP / AD and jump to Step 11.

Thanks for pointing that out. I didn’t realize my copy / paste had grabbed that info from the buttons. Removed.

I agree, the reinstall was the route to go since the users would be starting over.

Thanks, I’ve reinstalled, got the other settings and certs back in place and the users are back in.

In case this helps some future searcher, here are the entries in the ofProperty table that changed after the reinstall and selecting default as opposed to LDAP:

(‘passwordKey’,‘xxxxxx’),

(‘provider.admin.className’,‘org.jivesoftware.openfire.admin.DefaultAdminProvide r’),

(‘provider.auth.className’,‘org.jivesoftware.openfire.auth.DefaultAuthProvider’) ,

(‘provider.group.className’,‘org.jivesoftware.openfire.group.DefaultGroupProvide r’),

(‘provider.lockout.className’,‘org.jivesoftware.openfire.lockout.DefaultLockOutP rovider’),

(‘provider.securityAudit.className’,‘org.jivesoftware.openfire.security.DefaultS ecurityAuditProvider’),

(‘provider.user.className’,‘org.jivesoftware.openfire.user.DefaultUserProvider’) ,

(‘provider.vcard.className’,‘org.jivesoftware.openfire.vcard.DefaultVCardProvide r’),