As usually Active Directory is read-only for all incorporated mortals... still Jira users do need to be able to use and manage groups.
As the Jira administrators time is very limited, it's i not possible to manage these groups (inability to rename them being just agravating factor).
As an workaround I managed to trick the Active Directory to get a limited number of groups inside Jira by adding them to AD mailing list that I own. This means that by (de)subscribing mailing lists from my Meta-Jira-Groups mailing list I can add and remove AD groups one by one.
The great thing about this is that each of this groups has its own managers so the management of these groups is externalized to the real owners, falling back to IT but never to Jira admins (great!).
Now the big problem is that we still need to be able to manage same groups inside jira, while having few managed on AD.
How can we do this?
I think in your case the best option is use the Delegated Authentication Directory:
A Delegated Authentication directory combines the features of an internal Crowd directory with delegated LDAP authentication. This means that you can have your users authenticated via an external LDAP directory while managing the users and groups in Crowd.
I hope it helps.
Back in April of last year one of the major product announcements from Opsgenie was the launch of the Incident investigation view which created a deep connection between Bitbucket and Opsgenie, empow...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events