I've had Crowd up and running with several Atlassian products for a while now. I initially implemented a Crowd LDAP directory off our Active Directory server, and that's been working marvelously.
I've now hit upon the requirement of opening up some of our applications to people who aren't members of our company. For example, we are collaborating with a partner for Quality Assurance, and they need to get access to our Confluence Server, Bitbucket Server, and JIRA Server applications.
My preference would be to set up these users once in Crowd, and carry them over. But I don't want to have to add them to our Active Directory either.
I set up a Crowd Internal directory called 'Third Party Users' and added my gmail address as a test account.
Email Address: firstname.lastname@example.org
First Name: Gmail Daniel
Last Name: Schealler
I then went over to Confluence, synchronized, and tried logging in as daniel-gmail. No go.
I tried searching Confluence for the daniel-gmail user to add permissions. Still no go.
I tried going to Confluence, User Directories, found the Crowd Server, and selected Test. I tested for user name daniel-gmail with the correct password, and got the following feedback:
The test function succeeds for LDAP users.
At this point I'm not sure if I'm doing something wrong, or if I'm trying to use Confluence and Crowd in a way that they are not supposed to be used.
As a follow-up question: If I can get Confluence and Crowd to work in this way, would it be possible to have a group that combines users from the LDAP Crowd Directory and the Internal Crowd Directory? I already have a QA group configured for our internal staff. It would be convenient if I could somehow add the Third Party users to that group - or, failing that, create a Crowd internal directory QA group that combines Internal Directory and LDAP users, so I can put that into use in Confluence and Bitbucket.
I worked it out. I had forgotten that in Crowd, I need to configure which directories and which users were accessible to the applications in question.
For anyone else with the same problem:
Furthermore, the users in different directories can be combined in the application by using the same group name in both directories.
I'm John Allspaw, co-founder of Adaptive Capacity Labs, where we help teams use their incidents to learn and improve. We bring research-driven methods and approaches to drive effective inciden...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs