Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root


1 badge earned


Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!


Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.


Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!


Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

Insight: ldap-crowd importing into schema


We're trying to configure a croned import of all users and groups in our Crowd-LDAP and I have a couple questions about it:

- How can I import the "Active" parameter of each user? I tried mapping the LDAP Attribute but I'm not 100% sure it's called "active"

- Do you have any tip regarding the group population or relationships between users and groups? We did the setup of 2 different processes for groups and users and they're working almost 100% fine (but the Active param) and we would like to map group membership in Insight's schema.

Thanks in advance

1 answer

1 vote
AnnWorley Atlassian Team Sep 11, 2017

I understand you are working with Insight, a plugin for JIRA, made by Riada: Insight - Asset Management for JIRA

You are using a cron job to import users and groups from a Crowd instance, which is synchronizing with LDAP.

You would like the Insight users to be active if the user is active in LDAP and in Crowd, and you need the group memberships to be maintained.

My understanding of Insight is that it uses the same users as JIRA. It seems like synchronizing JIRA with Crowd through a User Directory would work. You would have a Crowd>LDAP User Directory in JIRA that you could use, which would have the same memberships and active status as in Crowd. Here is the documentation for integrating Crowd and JIRA: Integrating Crowd with Atlassian JIRA

Please let me know if I am understanding your requirements properly.

Hi Ann

thanks for your quick answer. I'll try to ellaborate a bit more about this request.

As you said, we are using Insight - Asset Management plugin for JIRA. This tool has an importer which is used to create assets (user-type assets) in the CMDB by importing them from LDAP or JIRA.

We are using Crowd as LDAP for several tools: JIRA, Confluence, Stash and others. We need to create user-assets for every user configured in LDAP (Crowd), not just the ones who have access to JIRA, so JIRA-Insight synchronization is not useful and we need to go for LDAP-Insight.

We've successfully managed to import every user from the LDAP as a Insight asset. We've even managed to import every existing group in Crowd as group-assets in Insights, but I can't manage to create a relationship between group membership and users. I think this might be a question more for Insight's developers...

When we import every user data from LDAP ( givenName, sn, email, etc) we also need to import the "active" attribute but I can't find this flag as a LDAP attribute. What am I doing wrong?


Are you using Insight 5 or are you using another version? 

If you are using Insight 5 you can configure the mapping between users and groups using IQL. This is described here

The active flag should be possible to chose as a dataLocator and map it to an Insight Attribute. Is it not possible to chose that? 

We're using Insight 5.0.3

I managed to configure the mapping between users and groups using each user's DN and an IQL like DN IN ${uniqueMember${0}}) 

But I can't find how to retrieve the "active" flag from LDAP. I attach screenshots of the LDAP stored data as seen by Insight and Apache Directory Studio.

I have a workaround for that: using a JIRA import retrieves the flag. I made 3 import jobs: Users, Groups and user matching, and Active flag. I think "active" may be stored in Crowd DB, not LDAP.


Attributes retrieved by Insigth: 

seen by insight.PNG


Attributes retrieved by Apache Directory Studio:

seen by ldap apache directory studio.PNG

Suggest an answer

Log in or Sign up to answer

Atlassian Community Events