How to - AD authentication

I’ve gotten OpenFire set up to work with AD, but only if I authenticate using the admin account. Is it possible to configure this using a less privileged account, and what privileges would be required?

Thanks in advance!

1 Like

Thank you for the response. I’ve tried this, but it’s still not working except with the admin user. What would be the proper format for the information required for the base and admin DNs, please?

You should NOT need a domain admin account for an LDAP query, unless you made changes to your AD. By default, a domain user can query AD for basic information, which is all we needed.

For testing, do something like this. Create a normal domain user account, i.e. of-ldap@domain.local. Make your base DN the root of your domain, something like DC=domain,DC=local

Then, when you're asked for the LDAP admin DN, enter of-ldap@domain.local

1 Like
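The advice in the reply above, turned into an offline sanity check for the two values the wizard asks for. This is an added example, not part of the thread or of Openfire; the function names and the `PRIVILEGED_NAMES` set are assumptions made for illustration, and the sample values are the thread's own placeholders.

```python
import re

PRIVILEGED_NAMES = {"administrator"}  # assumption: only the built-in default name is flagged

def base_dn_from_domain(dns_domain):
    """domain.local -> DC=domain,DC=local"""
    return ",".join("DC=" + label for label in dns_domain.strip(".").split("."))

def classify_bind_identity(identity):
    """Return (form, account, dns_domain) for the name forms AD accepts on a simple bind."""
    identity = identity.strip()
    if re.fullmatch(r"[^@\\=,]+@[^@\\=,]+", identity):      # user@domain.local (UPN)
        account, domain = identity.split("@")
        return "upn", account, domain.lower()
    if re.fullmatch(r"[^@\\=,]+\\[^@\\=,]+", identity):     # DOMAIN\user
        return "down-level", identity.split("\\")[1], None
    # Otherwise try a distinguished name: split on commas that are not escaped.
    rdns = [p.strip().split("=", 1) for p in re.split(r"(?<!\\),", identity)]
    if all(len(r) == 2 and r[0].strip() and r[1].strip() for r in rdns):
        domain = ".".join(v.strip() for a, v in rdns if a.strip().upper() == "DC")
        return "dn", rdns[0][1].strip(), domain.lower() or None
    return "invalid", None, None

def _norm(dn):
    """Lower-case a DN and drop whitespace around '=' and ',' for comparison."""
    return re.sub(r"\s*([=,])\s*", r"\1", dn.strip()).lower()

def check_bind_config(base_dn, admin_dn):
    """Return a list of findings; an empty list means nothing to flag."""
    form, account, domain = classify_bind_identity(admin_dn)
    if form == "invalid":
        return ["admin DN is not a UPN, DOMAIN\\user or distinguished name"]
    findings = []
    if form == "dn":
        findings.append("full DN must match the account's actual location in the directory")
    # A UPN suffix can legitimately differ from the domain's DNS name, so this is a warning.
    if domain and not _norm(base_dn).endswith(_norm(base_dn_from_domain(domain))):
        findings.append("base DN is not under the domain named in the admin DN")
    if account.lower() in PRIVILEGED_NAMES:
        findings.append("bind account is Administrator; a normal domain user is enough")
    return findings

if __name__ == "__main__":
    # Constructed sample values: the placeholders used in the thread.
    for admin_dn in ("of-ldap@domain.local", "cn=Administrator,cn=users,dc=domain,dc=local"):
        print(admin_dn, "->", check_bind_config("DC=domain,DC=local", admin_dn) or "ok")
```
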

That’s it. Thanks. I had the information in the Admin DN improper.

I read through the LDAP guide 100 times and could not get OpenFire to connect to my DC. Until I found this post. Then I saw how you said to enter the admin DN: username@domain.local. I was doing it as the LDAP Guide says to: cn=Administrator,cn=users,dc=domain,dc=local. Well, your way worked like a charm. I think the guide needs to be updated. Maybe even some screenshots of the config screen showing what should be where.

Great Job! Thank You!

I go through the setup wizard and use Active Directory, and the connection test succeeds. However, on the last step, “Admin Account” to admin OpenFire, please see the screenshot.

What can I type? I tried 1 user: “administrator”, or a normal user, and multiple users: user1, user2. It says no username was provided.