Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,464,272
Community Members
 
Community Events
176
Community Groups

How do I enable new users in Crowd to access Jira, Stash, etc.

I have set up evaluation versions of Crowd, Jira, Stash, and Confluence. Everything seems well and good between the services for my user account, which I've been using for testing. Crowd connects to LDAP correctly, and the other three services use Crowd's SSO to manage users. Where I get a bit lost is in allowing new users (who have valid LDAP credentials) to access the services.

I have Crowd set to add new users to confluence-users, stash-users, and jira-users as soon as they log in for the first time.

The first time user BOB1 visits Stash, he logs in, and Crowd verifies his credentials. When Crowd sends him back to Stash, Stash says "You do not have permission to access Stash". Apparently this is because Stash's view of the Crowd directory is out of date (by more than a few seconds) and hasn't been updated to reflect that Crowd has just added BOB1 to stash-users. Once I go into Stash and tell it to update the Crowd directory, BOB1 can then log in, but a manual update is obviously not the solution.

What is the proper way to allow each user to access the services as soon as they log in for the first time? Thanks in advance.

1 answer

1 accepted

0 votes
Answer accepted

Unfortunately the only solution currently is to wait for the automatic synchronization to be triggered for each application connected to Crowd. You can make this less painful by decreasing this interval to a low number (like a few minutes) for each of the applications.

Please vote on CWD-2650 if you'd like this to be fixed.

Caspar - thanks for the reply. I voted on the bug but I worry that it's been around for a while and is still unresolved. This is a pretty glaring bug that will cause every new user to get an error on their first login attempt with no visible expectation that the error will resolve itself in the future.

I recently sent out an email suggesting that several folks try out the services I just set up. The result of this bug is that every new user is going to try, and fail, to log in ... this will be their first experience trying out our Atlassian servers and it will leave a bad taste in their mouths. It's going to be hard to convince my company to buy these servers if every new user sees such an obnoxious bug.

I'm willing to try a workaround if one exists. What if I add everyone on the LDAP server to the stash-users group? Would there be any downside to that?

Pre-adding your users to the confluence-users, jira-users, and stash-users groups in the LDAP directory (or in Crowd) would prevent the specific case of the error you're seeing, and there shouldn't be a downside to that as far as Crowd is concerned.

Don't forget to drop the synchronization interval on each of the applications as well.

Suggest an answer

Log in or Sign up to answer
TAGS

Atlassian Community Events