--- openfire_src/src/java/org/jivesoftware/openfire/ldap/LdapManager.java	2007-06-22 21:25:23.000000000 +0200
+++ openfire_src-patched/src/java/org/jivesoftware/openfire/ldap/LdapManager.java	2007-11-09 21:59:17.000000000 +0100
@@ -433,7 +433,19 @@
                 env.put(Context.SECURITY_PROTOCOL, "ssl");
             }
             env.put(Context.SECURITY_AUTHENTICATION, "simple");
-            env.put(Context.SECURITY_PRINCIPAL, userDN + "," + baseDN);
+
+	    if(baseDN != null && !baseDN.trim().equals("")) {
+		if(debug) {
+            	    Log.debug("Not using Lotus Notes workaround");
+		}
+            	env.put(Context.SECURITY_PRINCIPAL, userDN + "," + baseDN);
+	    } else {
+		if(debug) {
+            	    Log.debug("Enabled Lotus Notes workaround");
+		}
+            	env.put(Context.SECURITY_PRINCIPAL, userDN);
+	    }
+
             env.put(Context.SECURITY_CREDENTIALS, password);
             // Specify timeout to be 10 seconds, only on non SSL since SSL connections
             // break with a timemout.
--- openfire_src/src/web/setup/ldap-server.jspf	2007-06-22 21:25:15.000000000 +0200
+++ openfire_src-patched/src/web/setup/ldap-server.jspf	2007-11-09 21:59:17.000000000 +0100
@@ -33,9 +33,9 @@
             errors.put("port", LocaleUtils.getLocalizedString("setup.ldap.server.port_error"));
         }
         baseDN = ParamUtils.getParameter(request, "basedn");
-        if (baseDN == null) {
+        /* if (baseDN == null) {
             errors.put("baseDN", LocaleUtils.getLocalizedString("setup.ldap.server.basedn_error"));
-        }
+        } */
         adminDN = ParamUtils.getParameter(request, "admindn");
         adminPassword = ParamUtils.getParameter(request, "adminpwd");
         connectionPoolEnabled =
--- openfire_src/src/java/org/jivesoftware/openfire/ldap/LdapGroupProvider.java.orig	2009-08-31 13:04:16.000000000 +0200
+++ openfire_src/src/java/org/jivesoftware/openfire/ldap/LdapGroupProvider.java	2009-08-31 13:08:53.000000000 +0200
@@ -175,13 +175,18 @@
         XMPPServer server = XMPPServer.getInstance();
         String username;
         if (!manager.isPosixMode()) {
+            boolean noBaseDN = (manager.getBaseDN() == null || manager.getBaseDN().trim().equals(""));
+
             // Check if the user exists (only if user is a local user)
             if (!server.isLocal(user)) {
                 return Collections.emptyList();
             }
             username = JID.unescapeNode(user.getNode());
             try {
-                username = manager.findUserDN(username) + "," + manager.getUsersBaseDN(username);
+                if(noBaseDN)
+                    username = manager.findUserDN(username);
+                else
+                    username = manager.findUserDN(username) + "," + manager.getUsersBaseDN(username);
             }
             catch (Exception e) {
                 Log.error("Could not find user in LDAP " + username);
@@ -357,7 +362,7 @@
                                 }
                             }
                             // Close the enumeration.
-                            usrAnswer.close();
+                            if(usrAnswer != null) usrAnswer.close();
                         }
                     }
                     catch (Exception e) {
--- a/src/java/org/jivesoftware/openfire/ldap/LdapManager.java.orig	2009-08-31 13:38:05.000000000 +0200
+++ a/src/java/org/jivesoftware/openfire/ldap/LdapManager.java	2009-08-31 13:46:44.000000000 +0200
@@ -142,7 +142,7 @@
     private String alternateBaseDN = null;
     private String adminDN = null;
     private String adminPassword;
-    private boolean encloseDNs;
+    private boolean encloseDNs = false;
     private boolean ldapDebugEnabled = false;
     private boolean sslEnabled = false;
     private String initialContextFactory;
@@ -253,7 +253,7 @@
         }
 
         // are we going to enclose DN values with quotes? (needed when DNs contain non-delimiting commas)
-        encloseDNs = true;
+        encloseDNs = false;
         String encloseStr = properties.get("ldap.encloseDNs");
         if (encloseStr != null) {
             encloseDNs = Boolean.valueOf(encloseStr);
@@ -451,6 +451,7 @@
         if (adminDN != null) {
             env.put(Context.SECURITY_AUTHENTICATION, "simple");
             env.put(Context.SECURITY_PRINCIPAL, adminDN);
+	    Log.debug("admin dn: " + adminDN);
             if (adminPassword != null) {
                 env.put(Context.SECURITY_CREDENTIALS, adminPassword);
             }
@@ -918,14 +919,16 @@
      */
     private String getProviderURL(String baseDN) {
         StringBuffer ldapURL = new StringBuffer();
-        try {
-            baseDN = URLEncoder.encode(baseDN, "UTF-8");
-            // The java.net.URLEncoder class encodes spaces as +, but they need to be %20
-            baseDN = baseDN.replaceAll("\\+", "%20");
-        }
-        catch (java.io.UnsupportedEncodingException e) {
-            // UTF-8 is not supported, fall back to using raw baseDN
-        }
+	if(baseDN != null && !"".equals(baseDN)) {
+		try {
+		    baseDN = URLEncoder.encode(baseDN, "UTF-8");
+		    // The java.net.URLEncoder class encodes spaces as +, but they need to be %20
+		    baseDN = baseDN.replaceAll("\\+", "%20");
+		}
+		catch (java.io.UnsupportedEncodingException e) {
+		    // UTF-8 is not supported, fall back to using raw baseDN
+		}
+	}
         for (String host : hosts) {
             // Create a correctly-encoded ldap URL for the PROVIDER_URL
             ldapURL.append("ldap://");
@@ -933,7 +936,9 @@
             ldapURL.append(":");
             ldapURL.append(port);
             ldapURL.append("/");
-            ldapURL.append(baseDN);
+	    if(baseDN != null && !"".equals(baseDN)) {
+            	ldapURL.append(baseDN);
+	    }
             ldapURL.append(" ");
         }
         return ldapURL.toString();
@@ -1901,4 +1906,4 @@
     // Set the pattern to use to wrap DN values with "
     private static Pattern dnPattern;
 
-}
\ No newline at end of file
+}