Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,461,070
Community Members
 
Community Events
176
Community Groups

How to Load users using Crowd LDAP?

I am currently using CROWD for LDAP and having problem loading the users.

 

I guess I will have to explain my problem first..

Our company LDAP contains over 10,000 accounts and over 100 groups.. and in that LDAP, we have a AD group that contains 50 accounts. 

 

On Crowd setting up the LDAP, I set Base DN as where ALL accounts are in there.. which is over 10,000 accounts.

and on configuration page, I leave User DN blank, and set the Group DN as the location of the Group which should contains 50 accounts.. 

 

When I update this, it loads ALL the accounts in LDAP and just that specific group. 

 

When I set Base DN as the location of the Group that I want to use, and leave everything blank, it loads JUST THAT GROUP but not the accounts... 

 

I am guessing it is because account belongs to different AD or different location than the Group... 

 

How can I just load the Group that I want to use, and the accounts in that Group only? 

1 answer

1 accepted

1 vote
Answer accepted

Hi,

The users and groups in LDAP are separated objects.
The Base DN is the root location for JIRA to search in the AD.
When you leave the User DN blank you tell JIRA to search all users from that Base DN root, if your search pattern is default.

When you specify the Base DN to the specific group path is expected to get only that group. Since the user search will be done over that specific path that probably does not contain any user object.

I believe you need the first configuration that get all the users and the specific group and change the users filter to something like this:
(&(objectCategory=Person)(sAMAccountName=*)(memberOf=CN=foo group,DC=example,DC=com))

This will filter all users that are member of foo group.

Cheers,
Daniel P santos

Suggest an answer

Log in or Sign up to answer
TAGS

Atlassian Community Events