I've created a user directory via Active directory. Previously, I have created on the server a group "Confluence" so that only those users will be enabled in Confluence. However, in Confluence are all users displayed that are created on the server.
How can I ensure that only the users can be displayed or logged in from the Confluence group on my server in Confluence itself.
Screenshot of my AD settings:
"seitcomusers" ( typing failure in the screenshort, sorry for that) = the base directory on the server
"confluence" = the group that should be selected ( the only group that should be selected), problem: Confluence selects each group listet in the homedirectory.
Hello Yves,
I believe you are trying to restrict the users that are allowed to autenticate to confluence.
In order to do this you are going to need ot write an LDAP search filter. We have a document on how to do this which I will link below.
https://confluence.atlassian.com/display/DEV/How+to+write+LDAP+search+filters
You want to set up the filter in the "Group Filter" portion of your LDAP Connector. It is going to be one of those items with the arrow to expand the section. When writing your filter it is important to use the FQDN (Full Qualified Domain Name) for the group you are filtering for.
Hey Yves,
The Additional Group DN field does not take an actual group entity. It takes a tree path. So for example, if your users are located in ou=users,ou=seitcomusers,dc=seitcom,dc=internal , and your groups are located in ou=groups,ou=seitcomusers,dc=seitcom,dc=internal , then your Additional User DN should be set to ou=users while your Additional Group DN should be set to ou=groups.
+1 to what Daniel said earlier. You can only restrict users via a User Object Filter, under the User Schema Settings in the directory configuration.
Foogie
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello.
According to my understanding I hitnk you can check in Confluence Admin > Global Permission, so in this way you can know which users belong to that group.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Unfortunately no, every registered user from my homedirectory can log in at Confluence. I got a group in Confluence itself that displays those users who are licensed or have rights to login to Confluence, but every other user from the AD can log in too.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.