I've had Crowd up and running with several Atlassian products for a while now. I initially implemented a Crowd LDAP directory off our Active Directory server, and that's been working marvelously.
I've now hit upon the requirement of opening up some of our applications to people who aren't members of our company. For example, we are collaborating with a partner for Quality Assurance, and they need to get access to our Confluence Server, Bitbucket Server, and JIRA Server applications.
My preference would be to set up these users once in Crowd, and carry them over. But I don't want to have to add them to our Active Directory either.
I set up a Crowd Internal directory called 'Third Party Users' and added my gmail address as a test account.
Username: daniel-gmail
Email Address: daniel.schealler@gmail.com
Active: True
First Name: Gmail Daniel
Last Name: Schealler
I then went over to Confluence, synchronized, and tried logging in as daniel-gmail. No go.
I tried searching Confluence for the daniel-gmail user to add permissions. Still no go.
I tried going to Confluence, User Directories, found the Crowd Server, and selected Test. I tested for user name daniel-gmail with the correct password, and got the following feedback:
The test function succeeds for LDAP users.
At this point I'm not sure if I'm doing something wrong, or if I'm trying to use Confluence and Crowd in a way that they are not supposed to be used.
As a follow-up question: If I can get Confluence and Crowd to work in this way, would it be possible to have a group that combines users from the LDAP Crowd Directory and the Internal Crowd Directory? I already have a QA group configured for our internal staff. It would be convenient if I could somehow add the Third Party users to that group - or, failing that, create a Crowd internal directory QA group that combines Internal Directory and LDAP users, so I can put that into use in Confluence and Bitbucket.
I worked it out. I had forgotten that in Crowd, I need to configure which directories and which users were accessible to the applications in question.
For anyone else with the same problem:
Furthermore, the users in different directories can be combined in the application by using the same group name in both directories.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.