Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

How can I get a Crowd Internal Directory user to come through to be accessed by my application?

Daniel Schealler August 24, 2016

I've had Crowd up and running with several Atlassian products for a while now. I initially implemented a Crowd LDAP directory off our Active Directory server, and that's been working marvelously.

I've now hit upon the requirement of opening up some of our applications to people who aren't members of our company. For example, we are collaborating with a partner for Quality Assurance, and they need to get access to our Confluence Server, Bitbucket Server, and JIRA Server applications.

My preference would be to set up these users once in Crowd, and carry them over. But I don't want to have to add them to our Active Directory either.

I set up a Crowd Internal directory called 'Third Party Users' and added my gmail address as a test account.

Username: daniel-gmail
Email Address: daniel.schealler@gmail.com
Active: True
First Name:  Gmail Daniel
Last Name: Schealler

I then went over to Confluence, synchronized, and tried logging in as daniel-gmail. No go.

I tried searching Confluence for the daniel-gmail user to add permissions. Still no go.

I tried  going to Confluence, User Directories, found the Crowd Server, and selected Test. I tested for user name daniel-gmail with the correct password, and got the following feedback:

  • Test basic connection : Succeeded
  • Test retrieve user : Failed
    User <daniel-gmail> does not exist
  • Test user rename is configured and tracked : Not performed
  • Test get user's memberships : Not performed
  • Test retrieve group : Not performed
  • Test get group members : Not performed
  • Test user can authenticate : Not performed

The test function succeeds for LDAP users.

At this point I'm not sure if I'm doing something wrong, or if I'm trying to use Confluence and Crowd in a way that they are not supposed to be used.

As a follow-up question: If I can get Confluence and Crowd to work in this way, would it be possible to have a group that combines users from the LDAP Crowd Directory and the Internal Crowd Directory? I already have a QA group configured for our internal staff. It would be convenient if I could somehow add the Third Party users to that group - or, failing that, create a Crowd internal directory QA group that combines Internal Directory and LDAP users, so I can put that into use in Confluence and Bitbucket.

1 answer

1 accepted

1 vote
Answer accepted
Daniel Schealler August 24, 2016

I worked it out. I had forgotten that in Crowd, I need to configure which directories and which users were accessible to the applications in question.

For anyone else with the same problem:

  1. Go to Crowd as an admnistrator
  2. Go to Applications
  3. Open the target application, and navigate to the Directories tab.
  4. Add the target directories that you want your application to see.
  5. Go to the target Groups
  6. Add the target groups that you want your application to see.
  7. Save changes
  8. Return to the application administration and resych the Crowd connection.

Furthermore, the users in different directories can be combined in the application by using the same group name in both directories.

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events