What ADFS 3.0 claims rule to use with Jira v8.5.6

Deleted user September 28, 2020

I have been tasked with setting up SSO with our Jira (on-premise) v8.5.6 environment.  I am unsure what claims rule to use with the built-in SSO option.  The instructions state this:

  • Make sure that AD FS > Trust Relationships > Relying Party Trusts > (your application) > Edit Claim Rules.. > Issuance Transform Rules use the same LDAP attribute for outgoing Name ID claim as Directory > Configuration > User name attribute  in your Atlassian application. You'll need to create this rule if it doesn't exist.

I had our Jira administrator check the "User name" attribute in Jira and it says "User Name Attribute: sAMAccountName". So I set up a claims rule to map "sAMAccountName" to "Name ID". But this does not work - it tells me:

We can't log you in right now

This may be for a variety of reasons, we suggest trying again.
If that doesn't work, contact your JIRA administrator for help.

So either I have the wrong claims rule set up or something else is not working. If someone could confirm for me I am using the correct claims rule, then I can at least start looking somewhere else for the problem. If this is the wrong rule, could someone let me know what I should be using instead?

Thanks

NK

1 answer

0 votes
Answer accepted
Kat Warner
Atlassian Partner
September 28, 2020

Hello @[deleted] 

Are you using Jira Server or Jira Data Centre? The instructions on Adding SAML integration to your existing user management infrastructure require your Jira instance to be using a Data Centre license.

There is no out-of-the-box SSO solution for Jira Server, though there are a number of Marketplace apps that allow you to set this up, including EasySSO from TechTime.

Deleted user September 29, 2020

Hi,

How do I determine the type?  When I do help about, it just says:

License Information for Jira

Jira v8.5.6

Copyright © 2002 - 2020 Atlassian Corporation Pty Ltd.

It does not say whether it is Jira Server or Jira Data Centre.

Thanks

NK

Deleted user September 29, 2020

I checked with the manager of the team that supports our Jira installation, and she let me know that we own "Data Center" licenses.

Thanks

NK

Deleted user September 29, 2020

Here is how I have it set up:

 

[Screenshot: Jira.PNG]

 

Has anyone gotten ADFS 3.0 working in their Jira environment using this claims rule?  If not, what should I use?

Thanks

NK

Deleted user September 29, 2020

Sorry, I incorrectly typed ADFS 2.0 in the original posting.  We are running Windows Server 2012 R2 which I believe is ADFS 3.0.  I will update the text in the post...

Ed Letifov _TechTime - New Zealand_
Rising Star
September 29, 2020

Based on the above screenshot your setup should be fine.

Technically since this is Atlassian's app – this should be directed at their support, not Community.

Does your Jira actually have a user with the username matching the one you are trying to log in with? Does the user have group membership that would let them log in through the normal login form?

Deleted user October 1, 2020

Thank you for the response. Yes, the account I am logged in with (which would be used for SSO) exists in Jira via the LDAP connector. I am able to log in using the forms-based login process with that account without issue.

I will have our Jira support team open a ticket with tech support.

Thanks for your time.

NK
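
The instruction quoted in the question requires the outgoing Name ID claim to carry the same attribute value that Jira uses as the user name. As an added example (not from the thread's participants or from Atlassian), this Python script decodes a captured `SAMLResponse` form value and compares its NameID with the expected sAMAccountName; the sample response, the user `jdoe` and the function names are constructed for illustration.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample response (not from the thread); EXAMPLE\jdoe is made up.
SAMPLE_XML = (
    '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">'
    "<saml:Assertion><saml:Subject>"
    '<saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">'
    "EXAMPLE\\jdoe</saml:NameID>"
    "</saml:Subject></saml:Assertion></samlp:Response>"
)
SAMPLE_B64 = base64.b64encode(SAMPLE_XML.encode())


def extract_name_id(saml_response_b64):
    """Return (value, Format) of the Subject NameID in a POST-binding SAMLResponse.

    Diagnostic only: the signature is not verified here, so the result must
    never be used to make an authentication decision.
    """
    xml = base64.b64decode(saml_response_b64)
    if b"<!DOCTYPE" in xml or b"<!ENTITY" in xml:
        raise ValueError("DTD or entity declarations do not belong in SAML")
    node = ET.fromstring(xml).find("./saml:Assertion/saml:Subject/saml:NameID", NS)
    if node is None:
        raise ValueError("no NameID (rule missing, or assertion is encrypted)")
    return (node.text or "").strip(), node.get("Format")


def check_name_id(name_id, expected_username):
    """List the ways name_id differs from the directory's user name value."""
    problems = []
    if "\\" in name_id:
        problems.append("DOMAIN\\user form, not a bare sAMAccountName")
    elif "@" in name_id:
        problems.append("UPN or e-mail form, not a bare sAMAccountName")
    if name_id != expected_username:
        same = name_id.lower() == expected_username.lower()
        problems.append("differs by case only" if same else "value differs")
    return problems


if __name__ == "__main__":
    value, fmt = extract_name_id(SAMPLE_B64)
    print(value, fmt, check_name_id(value, "jdoe"))
```

An empty list from `check_name_id` means the NameID sent by AD FS already equals the expected user name, so the claims rule can be ruled out and attention can move elsewhere.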
