siddou.tk

Install Openfire 4+ AD Auth on Debian 8 Jessie

Get deb file

wget https://www.igniterealtime.org/downloadServlet?filename=openfire/openfire_4.0.2_all.deb -O openfire_4.0.2_all.deb

Install package and set up mysql

apt-get install openjdk-7-jre-headless mysql-server
dpkg -i openfire_4.0.2_all.deb

mysql_secure_installation
mysql -u root -p
mysql> create database openfire;
mysql> GRANT ALL PRIVILEGES ON openfire.* TO [email protected] IDENTIFIED BY 'openfire_pass';
mysql> exit

For AD auth:
On AD:
Create a pidginuser to bind to AD
Create a pidgin group for allowed user

switch to java8
tar xvf java jre archive in opt:
/opt/jre1.8.0_102

nano /etc/default/openfire
JAVA_HOME=/opt/jre1.8.0_102

systemctl restart openfire

Configure Openfire:
go to http://servername:9090

select mysql
dbhostname: localhost
dbname: openfire
user: openfire_user
pass: openfire_pass
Server type: Active Directory
Host: ad.siddou.com
Port: 389
Base DN:  dc="siddou",dc="com"
Administrator DN: [email protected]


Username Field: sAMAccountName

User filter:
(objectClass=organizationalPerson)
(&(memberOf=CN=pidgin,CN=Users,DC=siddou,DC=com))

Group Field: cn
Member Field: member
Description Field: description
Group filter: (objectClass=group)(cn=pidgin)

Server settings -> Client Connections
5222
advanced configuration:
STARTTLS policy -> optional

Mutual Authentication -> Disabled

Certificate chain checking:
Uncheck Allow peer certificates to be self-signed.
check Verify that the certificate is currently valid (based on the ‘notBefore’ and ‘notAfter’ values of the certificate).

disable 5223

Next Configure SSO for pidgin here

One thought on “Install Openfire 4+ AD Auth on Debian 8 Jessie

  1. Pingback: Install Openfire 4+ Pidgin SSO on Debian 8 Jessie – siddou.tk

Leave a Reply

Your email address will not be published. Required fields are marked *