I have an AD controller and all the members are in OU. There are no configuration groups.
Confulence uses crowd authentication. But at present, it is too troublesome to authorize users one by one.
I want crowd to be able to identify the relationship between OU and users so that I can authorize OU. Can it be done?
Hello @jiapeng li and welcome! There is no way of which I am aware to use OU membership in any LDAP server (AD included) to manage Atlassian application access, including Confluence.
The best solution I've found is to use what's called a shadow group to contain the same membership of the OU or any part thereof. This article from Microsoft TechNet, along with a multitude of others on the Internet, explains what they are, how they work, and how to use them.
Hope this helps! If so, please consider clicking the "Accept Answer" button next to this answer so that others can benefit from the "answered" flag in their search results - thanks!
~~Larry Brock
Hello again @jiapeng li !
Did you have any follow-up questions? If not, it would help others if you clicked the "Accept answer" button. Thanks!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.