Printable View
Hey again,
Just set openfire up - it's authenticating spot on with LDAP. Thing is we have some staff in one area and some staff in another. We don't want to merge these so is there anyways of telling openfire to look in two places for authenticating logons?
I've tried the simple method of separating the two DSN's with a ; but it seems openfire will only allow so many characters for this, so the last DSN was cut short.
Are the two OU's under a parent OU? If so, you can just tell it to look at the parent OU and it'll search the child OU's as well (That's what we do here).
It's like this:
Teacher OU 1 = OU=Teaching Staff,OU=Users,.....
Teacher OU 2 = OU=Non-teaching Staff,OU=Users,....
But also in the user OU we have pupil accounts
OU=Students,OU=Users,....
If we set the OU to the parent of 'Users' we can give everyone access, but by that we are also giving kids access. I know we could lock that down in other ways but I want this to be as simple as possible.
Simple way is to use the Users OU. Just don't tell the kids. Anyway, even if they did get on and started messaging people they have to login with their account details. Which is kinda incriminating, don't you think? :)
Why not try adding another OU under users, say Staff, then place the staff OUs within that OU?
I know the structure is not the best by far, but I don't want to change something over something so little and then watch as things start to go wrong.
I think I'll just give access to the 'users' OU and look into ways of blocking access to the actual Spark software for pupils.
A file restriction policy should do that for you (you've got one setup already, right?).
Yep :DQuote:
Originally Posted by Geoff
I think that looks like the safest bet
Hi all you fine openfire (and spark) gurus. I am a newbie to the openfire game so I may doing something schoolboy error(ish) here but i have installed openfire ok, problem with ldap (but thats a different story)...
I installed spark on a few pcs and work fine under mine and my colleagues account (domain admins) but when I try it under a member of staffs account it wont even open up spark?
I am assuming its a rights thing but Im struggling to pinpoint it. I have given full permission to the spark folder but still no joy. O and we are on windows 2003 enterprise and workstations are xp sp2.
Any help would be much appreciated..
Thanks guys (and dolls) :)
What error are you getting when you try to run Spark? It may be that there's a file restriction policy in place?
Sounds about right to me - Have you tried adding a hash rule rather than a path rule?Quote:
Originally Posted by richard.thomas
Hey, thanks for the quick responses... much appreciated.
There is no error message, it just doesnt work!
Erm, I will check the file restriction policy (GPO i assume) and im not sure on the hash rule :confused:
Thanks again, ill let you know how i get on! :cool:
I have had a quick look in GPO and there is no software restriction policy in place (it does sounds like it should be tho). I will have another look but I guess yet another annoying quirk I have down here!!!
:confused:
Is this a vanilla or CC3 network (or other?)
Is there any entries in the event log?
I assume you have the latest version of java installed on the client?