Hi all.
I'm trying to integrate my Crowd with OpenLDAP.
My LDAP server is used for user login on some servers. As such, the objectClass is posixAccount. It is my understanding that Crowd can only handle posixAccount as read-only.
I have 2 questions:
1. Why?
2. Does anyone have some recommandations about how to setup crowd with a different objectClass that would work as user login for the servers and eventually how to define a different class in the LDAP client - aka change the setup of the clients?
Sorry Nathalie. No updates from Atlassian on this.
What I did was to allow password updates only on LDAP. This works fine even if it restricts the possibilities.
Any news from Atlassian side about this topic?
We have the same situation. We fist setup a crowd and LDAP (without posix). Everything works fine. Now we want to include our Linux Servers for authentication and need the additional posixAccount objectclass. Read-only is no option for us because we want that everyone is able to reset their password in Crowd and we using the nested group functionality from crowd for all our applications.
We tried to have 2 LDAP Servers (1 posix and 1 non-posix that is connected to Crowd). We didn't found a proper possibility to sync both OpenLDAP Servers. So the easiest and most efficient solution would be to have one LDAP Server with posix that is connected with crowd (read-write).
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Would be nice to have someone from Atlassian answer this. Would it be possible?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I agree with __geo__. If Crowd supports posixAccount and posixGroup directly, we can manage openLDAP with Crowd.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I am also interested in the questions of these answers !!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.