Hello, I currently have the latest version of Crowd being synced with Azure Active Directory. The issue I'm having is all the properties (user name, display name, etc) sync to Crowd once the change is made in Azure AD except the email_address. This is important because I'm creating a Jira email Notification system which would be pulling the addresses from Crowd (My AD syncs to Crowd and Crowd syncs to Jira) Crowd and Jira are read-only so the change would need to happen within Azure AD I believe. Any help would be appreciated.
Do you mean you get a null value for email addresses? Crowd maps the email attribute to the mail attribute in Azure AD. An Azure AD user has a non null mail attribute if he has an Office 365 mailbox (Exchange plan) or if his account was synchronised from an on-premise AD with Azure AD Connect (please read the following accepted answer on SO).
Thank you for the response @Bruno Vincent. To answer your question, when I check the Crowd database I indeed have null values for email addresses. Within the Azure console there is no "mail" attribute but only an email address attribute under the user profile column which isn't mapping. We don't have an Office 365 subscription but are using our work emails instead.
That's unfortunately what I was assuming. The email address you see under the user profile in Azure console is named otherMails in Azure AD. It is different from the mail attribute that is used by Crowd. You'll get the mail attribute if you purchase an O365 subscription (and assign Exchange licenses to your users).
Thank you @Bruno Vincent, this saves me a lot of time and troubleshooting. I assumed their must be a way I could change the mapping configurations but not having access to the back-end of AAD would most likely prevent that. I will move forward with the O365 subscription option.
Just in case you haven't moved forward yet, I thought you might also be interested in taking a look at the following add-on: Office 365 Directory Connector or Crowd (ODCC).
The latest version of the ODCC plugin actually has an option to fill in the Crowd email address field with the value of the Office 365 / Azure AD mailNickname attribute when the mail attribute has no value in Azure AD (unlike the mail attribute, the mailNickname attribute is always provisioned in Azure AD)
(Disclaimer: I work for the vendor of the ODCC plugin)
Question @Bruno Vincent, I still have the previous plug-in that didn't allow email ingestion installed. I just deactivated the directory and decided to use the Crowd server for authentication. Being that I haven't deleted the previous plug-in do I still need to follow the complete installment guide or can I just change the configurations within the crowd-webapp properties file?
My understanding is that you had installed ODCC v1.x and you now want to upgrade to ODCC v1.4, is that right? In that case, you just need to stop Crowd and replace the ODCC v1.x jar file with the v1.4 jar file in crowd-webapp/WEB-INF/lib before starting Crowd again. I strongly suggest that you send us an email at email@example.com. This will be easier to diagnose the problem.
This lets you sync Azure users and groups directly into JIRA, Confluence etc without the need for Crowd!
If a user does not have the mail attribute, then we simply map the user name attribute => email.
Incident response is a team sport, and customer support is an integral part of any team. While Ops is working hard to solve the problem at hand, support is on the front lines communicating with custo...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs