Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,299,190
Community Members
 
Community Events
165
Community Groups

2 Directories in Crowd connected to 2 branches of LDAP - can user-group mgmt be done in JIRA

Hi,

We are planning the deployment architecture for Atlassian suite for our enterprise.

We will have both employees and non-employee users using the Atlassian Suite.

One possible configuration that we are favoring is that we will use OpenLDAP to maintain users and groups. We will create 2 different OUs or branches in LDAP and possibly have replication at LDAP to other geographies.

Our concierge uses JIRA for creating users and groups, right now. We are wondering if we can continue to use JIRA in the below scenario to be the user interface for managing users and groups.

1 LDAP

connected user |

JIRA -----------> Crowd ---------> Dir1-------> Branch for employees

| | |

| | | | (mapping)

| |group | /

| -------| Branch for groups

| -------|

| | group| | (mapping)

| | | /

|-----------> Dir2-------> Branch for non-employees

user

Now, if we give JIRA application privileges to Crowd for creating users and therefore to LDAP, does that mean that if we create/manage users and groups and memberships they will be created properly in LDAP?

If not, what is the best user interface you can propose for easily creating users and groups and memberships in atlassian suite to the OpenLDAP Directory.

We are using JIRA, Confluence, Fisheye and doing SSO with Crowd. We are open to deploying any plugins (like Teem) that will help in managing users and groups and memberships for the whole suite.

2 answers

1 accepted

0 votes
Answer accepted

Hi, I got an answer from Atlassian support on support.atlassian.com. Apparently, if we use JIRA to create the users and groups in the above scenario, where we have 2 different branches of LDAP, JIRA would create the users and groups in the first directory mapped to it only. If we want users and groups in separate branches of LDAP, we could use 2 JIRA servers instead of 1, one mapped to each directory of crowd and further to different branches of LDAP.

Hi there,

If the Crowd directories configured to have the permission to write into your OpenLDAP and the LDAP user that used by Crowd to bind your LDAP server has the privilege to write into your LDAP server, your setup should work fine.

Hope it helps.

Cheers,
Septa Cahyadiputra

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Confluence

An update on Confluence Cloud customer feedback – June 2022

Hi everyone, We’re always looking at how to improve Confluence and customer feedback plays an important role in making sure we're investing in the areas that will bring the most value to the most c...

259 views 2 5
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you