I am trying to use crowd to manage access to atlassian tools for my group at a larger company. We are using an open ldap instance as our directory, which holds tens of thousands of users. Our license only supports up to 500 users, so when I failed to constrain the users correctly, crowd shuts down saying that our license does not allow this many users.
The obvious answer is to use the User Object Filter to reduce the imported users to only the users in our group. Unfortunately, the ldap admins have not enabled the memberOf attribute in their open ldap instance, and I do not have any sway with them to enable it. The group objects have the memberUid attribute set, which means I can find out who is in the group, however I am unable to craft an ldap search which returns the user records in a given group.
Is there any other way of informing Crowd that it should pull both groups and users from an ldap server, but it should only consider users in a specific ldap group towards the users we want supported in crowd (and thereby counted for our license)?
Note that I also need to pull many groups from ldap, some of which will have many users that I do not want to be imported into crowd.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.