Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Interests
See all
Community resources
Top groups
Explore all groups
Community resources
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Join now to unlock these features and more

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Get started Tell me more
Atlassian Community about banner
4,552,206
Community Members
 
Community Events
184
Community Groups

Setup LDAP for Jira and Confluence

Enterprise Procurement
Enterprise Procurement Sep 10, 2014

I'm looking for the best way to integrate JIRA and Confluence with LDAP for authentication.

My current setup is as follows:

JIRA uses LDAP Authentication as primary (Active Directory) and JIRA Internal Directory as Secondary

Confluence Uses LDAP Authenticaction as primary (The same AD) and JIRA Server as secondary, and Confluence Internal Directory as Tertiary. 

The problem I'm having is that we disabled automatic copy of login, and now I cannot create new confluence accounts that validate against LDAP. 

What are my options?

Answer
Watch
Like Be the first to like this
1102 views

4 answers

1 vote
JK
JK
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
Sep 10, 2014

Maybe this could help: Add users who are Jira/Confluence approved to a specific group in Active Directory. Import only members of this particular group to JIRA with the LDAP connector.

View More Comments
Enterprise Procurement
Enterprise Procurement Sep 12, 2014

I really like this suggestion, and I think this would be probably best solution, however we we don't control the Active Directory, and turnaround time for request in active directory are quite long, so we are looking for a solution such as "Jira verifies against Active Directory and Confluence verifies against Jira" but I'm not sure if that is a feasible solution and if it's been done before.

Like
Reply
0 votes
Enterprise Procurement
Enterprise Procurement Sep 10, 2014

The reason why we are disabling copy user functionality is because we don't want just any user to log into Jira/Confluence. IT needs to approve non IT users to gain access. When we switched from Jira user management to LDAP, we let the users know that they just need to log in with their AD credentials. Now we are having management asking to get those users removed as they have no approval, so we had to disable auto copy.

Reply
0 votes
Tiago Comasseto
Tiago Comasseto
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
Sep 10, 2014

Any specific reason to disable the copy user functionality? and since both JIRA and Confluence pull users from the LDAP, is there any specific reason to keep the JIRA Server directory in Confluence?

Reply
0 votes
Ryan Goodwin
Ryan Goodwin
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
Sep 10, 2014

Are you able to edit the user directory configuration for the ldap connectors? You should be able to login with a confluence/JIRA internal directory user and make changes to the ldap authentication user directory so that it meets your needs. Off the top of my head, I would say you need to configure it with read/write access to ldap so that you can create new accounts from the applications themselves.  

If you don't know the internal directory admin user you can follow these steps to recover:

http://confluence.atlassian.com/display/DOC/Restoring+Passwords+To+Recover+Admin+User+Rights

If this isn't really what you're asking, can you provide more details into how your connector is currently configured?

View More Comments
Enterprise Procurement
Enterprise Procurement Sep 10, 2014

Yes, I am able to access and edit LDAP connectors. We are not trying to make Jira/Confluence create users in LDAP, rather control the users that are allowed access to Jira/Confluence, but be able to use LDAP for authentication. With jira, there is functionality that allows you to add users into the the specitif "directory" it being "Delegated LDAP Authentication" however with Confluence I haven't found similar functionality to be able to add user to Confluence "Delegated LDAP Authentication" directory

Like
Ryan Goodwin
Ryan Goodwin
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
Sep 10, 2014

Confluence and JIRA have the same user management code - Crowd. There are no differences between the functionality. You can use delegated ldap authentication directories from both applications.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Identity Manager
Atlassian Access
TAGS
AUG Leaders

Atlassian Community Events

See all events