Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Active Directory User

Yves Liesy
Yves Liesy April 2, 2013

I've created a user directory via Active directory. Previously, I have created on the server a group "Confluence" so that only those users will be enabled in Confluence. However, in Confluence are all users displayed that are created on the server.
How can I ensure that only the users can be displayed or logged in from the Confluence group on my server in Confluence itself.

Screenshot of my AD settings:

"seitcomusers" ( typing failure in the screenshort, sorry for that) = the base directory on the server

"confluence" = the group that should be selected ( the only group that should be selected), problem: Confluence selects each group listet in the homedirectory.

Answer
Watch
Like Be the first to like this
725 views

3 answers

1 accepted

4 votes
Answer accepted
Daniel Borcherding
Daniel Borcherding
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
April 2, 2013

Hello Yves,

I believe you are trying to restrict the users that are allowed to autenticate to confluence.

In order to do this you are going to need ot write an LDAP search filter. We have a document on how to do this which I will link below.

https://confluence.atlassian.com/display/DEV/How+to+write+LDAP+search+filters

You want to set up the filter in the "Group Filter" portion of your LDAP Connector. It is going to be one of those items with the arrow to expand the section. When writing your filter it is important to use the FQDN (Full Qualified Domain Name) for the group you are filtering for.

Reply
2 votes
fsim
fsim
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
April 3, 2013

Hey Yves,

The Additional Group DN field does not take an actual group entity. It takes a tree path. So for example, if your users are located in ou=users,ou=seitcomusers,dc=seitcom,dc=internal , and your groups are located in ou=groups,ou=seitcomusers,dc=seitcom,dc=internal , then your Additional User DN should be set to ou=users while your Additional Group DN should be set to ou=groups.

+1 to what Daniel said earlier. You can only restrict users via a User Object Filter, under the User Schema Settings in the directory configuration.

Foogie

Reply
1 vote
BernardoA
BernardoA
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
April 2, 2013

Hello.

According to my understanding I hitnk you can check in Confluence Admin > Global Permission, so in this way you can know which users belong to that group.

View More Comments
Yves Liesy
Yves Liesy April 2, 2013

Unfortunately no, every registered user from my homedirectory can log in at Confluence. I got a group in Confluence itself that displays those users who are licensed or have rights to login to Confluence, but every other user from the AD can log in too.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events