I'm trying to use a Microsoft Active Directory (Read Only, with Local Groups) in JIRA as my primary User Directory to enable SSO (Single Sign On) using AD credentials only, but when I do this, all the groups from the JIRA Internal Directory are lost and are not synced.
LDAP Integration should in no way affect your internal directory, that's strange.
Can you retrieve the users and groups while checking the LDAP configuration?
Can you please check the LDAP configuration for the default group? Also, in the advanced settings, there is an option for when the user is granted the group to join ("When the user first-time logs in", "Every time the user logs in", "Never"); try changing this option to "Every time the user logs in".
Don't have LDAP as primary, no need for that. The first directory should always be Jira internal directory.
If it's still giving an error, there might be a problem in the Additional group DN; please check that.
Thanks,
Pramodh
Hi @Pramodh M ,
Thank you for your reply. Just to be more specific, what I'm trying to do is:
I want to keep the JIRA internal groups for all the users, but I want to use AD credentials only for authentication. Users should only be able to log in using their AD credentials, but their internal JIRA groups should remain as they are according to the JIRA Internal directory.
Do you think this is possible?
Thank you
It is possible to have your groups in the Jira internal directory and manage users in the groups you have created. That's what "Read only with local group" means.
May I know what error you are getting? I would be able to help you if you attach the configuration you have done so far for the LDAP directory you are integrating.
Please note this as well:
If the user is in both the Jira internal directory and the LDAP directory, it's not possible. It works like this:
Say you have user-a in the Jira internal directory and user-a logs in.
While logging in user-a, Jira checks the user directories in order, and as soon as it recognizes that user-a is in Jira's internal directory, it does not check the LDAP directory.
If you are still unclear about how this works, please raise a support ticket with the Atlassian team.
Thanks,
Pramodh