Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Azure AD table mappings not syncing in Crowd

KO89 December 27, 2017

Hello, I currently have the latest version of Crowd being synced with Azure Active Directory. The issue I'm having is all the properties (user name, display name, etc) sync to Crowd once the change is made in Azure AD except the email_address. This is important because I'm creating a Jira email Notification system which would be pulling the addresses from Crowd (My AD syncs to Crowd and Crowd syncs to Jira) Crowd and Jira are read-only so the change would need to happen within Azure AD I believe. Any help would be appreciated.

2 answers

2 accepted

0 votes
Answer accepted
Lars Olav Velle
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
December 28, 2017

Hi @KO89

We (Kantega Single Sign-on) recently added Cloud Connectors to our Single Sign-on add-ons.

This lets you sync Azure users and groups directly into JIRA, Confluence etc without the need for Crowd!

If a user does not have the mail attribute, then we simply map the user name attribute => email.

-Lars

KO89 December 28, 2017

Thank you @Lars Olav Velle. I will definitely give this product a look. Being that we've already provisioned a VM for Crowd and connected it to the rest of the Atlassian Stack in a production environment I doubt we will steer away from it though.

0 votes
Answer accepted
Bruno Vincent
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
December 27, 2017

Hi @KO89

Do you mean you get a null value for email addresses? Crowd maps the email attribute to the mail attribute in Azure AD. An Azure AD user has a non null mail attribute if he has an Office 365 mailbox (Exchange plan) or if his account was synchronised from an on-premise AD with Azure AD Connect (please read the following accepted answer on SO).

KO89 December 28, 2017

Thank you for the response @Bruno Vincent. To answer your question, when I check the Crowd database I indeed have null values for email addresses. Within the Azure console there is no "mail" attribute but only an email address attribute under the user profile column which isn't mapping. We don't have an Office 365 subscription but are using our work emails instead.

Bruno Vincent
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
December 28, 2017

Hi @KO89

That's unfortunately what I was assuming. The email address you see under the user profile in Azure console is named otherMails in Azure AD. It is different from the mail attribute that is used by Crowd. You'll get the mail attribute if you purchase an O365 subscription (and assign Exchange licenses to your users).

KO89 December 28, 2017

Thank you @Bruno Vincent, this saves me a lot of time and troubleshooting. I assumed their must be a way I could change the mapping configurations but not having access to the back-end of AAD would most likely prevent that. I will move forward with the O365 subscription option.

Bruno Vincent
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
April 2, 2018

Hi @KO89

Just in case you haven't moved forward yet, I thought you might also be interested in taking a look at the following add-on: Office 365 Directory Connector or Crowd (ODCC).

The latest version of the ODCC plugin actually has an option to fill in the Crowd email address field with the value of the Office 365 / Azure AD mailNickname attribute when the mail attribute has no value in Azure AD (unlike the mail attribute, the mailNickname attribute is always provisioned in Azure AD)

(Disclaimer: I work for the vendor of the ODCC plugin)

KO89 April 4, 2018

Thank you for the update @Bruno Vincent. I was given the go ahead to test the new version of the plug-in. I will respond with feedback after my testing

Bruno Vincent
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
April 4, 2018

Sure @KO89! Feel free to contact us at support@cleito.com if you have any questions while configuring the plugin.

KO89 April 4, 2018

Question @Bruno Vincent, I still have the previous plug-in that didn't allow email ingestion installed. I just deactivated the directory and decided to use the Crowd server for authentication. Being that I haven't deleted the previous plug-in do I still need to follow the complete installment guide or can I just change the configurations within the crowd-webapp properties file?

Bruno Vincent
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
April 4, 2018

Hi @KO89

My understanding is that you had installed ODCC v1.x and you now want to upgrade to ODCC v1.4, is that right? In that case, you just need to stop Crowd and replace the ODCC v1.x jar file with the v1.4 jar file in crowd-webapp/WEB-INF/lib before starting Crowd again. I strongly suggest that you send us an email at support@cleito.com. This will be easier to diagnose the problem.

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events