Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Insight: ldap-crowd importing into schema

Sys Admin September 11, 2017


We're trying to configure a croned import of all users and groups in our Crowd-LDAP and I have a couple questions about it:

- How can I import the "Active" parameter of each user? I tried mapping the LDAP Attribute but I'm not 100% sure it's called "active"

- Do you have any tip regarding the group population or relationships between users and groups? We did the setup of 2 different processes for groups and users and they're working almost 100% fine (but the Active param) and we would like to map group membership in Insight's schema.

Thanks in advance

1 answer

1 vote
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
September 11, 2017

I understand you are working with Insight, a plugin for JIRA, made by Riada: Insight - Asset Management for JIRA

You are using a cron job to import users and groups from a Crowd instance, which is synchronizing with LDAP.

You would like the Insight users to be active if the user is active in LDAP and in Crowd, and you need the group memberships to be maintained.

My understanding of Insight is that it uses the same users as JIRA. It seems like synchronizing JIRA with Crowd through a User Directory would work. You would have a Crowd>LDAP User Directory in JIRA that you could use, which would have the same memberships and active status as in Crowd. Here is the documentation for integrating Crowd and JIRA: Integrating Crowd with Atlassian JIRA

Please let me know if I am understanding your requirements properly.

Sys Admin September 12, 2017

Hi Ann

thanks for your quick answer. I'll try to ellaborate a bit more about this request.

As you said, we are using Insight - Asset Management plugin for JIRA. This tool has an importer which is used to create assets (user-type assets) in the CMDB by importing them from LDAP or JIRA.

We are using Crowd as LDAP for several tools: JIRA, Confluence, Stash and others. We need to create user-assets for every user configured in LDAP (Crowd), not just the ones who have access to JIRA, so JIRA-Insight synchronization is not useful and we need to go for LDAP-Insight.

We've successfully managed to import every user from the LDAP as a Insight asset. We've even managed to import every existing group in Crowd as group-assets in Insights, but I can't manage to create a relationship between group membership and users. I think this might be a question more for Insight's developers...

When we import every user data from LDAP ( givenName, sn, email, etc) we also need to import the "active" attribute but I can't find this flag as a LDAP attribute. What am I doing wrong?

Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
September 20, 2017


Are you using Insight 5 or are you using another version? 

If you are using Insight 5 you can configure the mapping between users and groups using IQL. This is described here

The active flag should be possible to chose as a dataLocator and map it to an Insight Attribute. Is it not possible to chose that? 

Sys Admin September 20, 2017

We're using Insight 5.0.3

I managed to configure the mapping between users and groups using each user's DN and an IQL like DN IN ${uniqueMember${0}}) 

But I can't find how to retrieve the "active" flag from LDAP. I attach screenshots of the LDAP stored data as seen by Insight and Apache Directory Studio.

I have a workaround for that: using a JIRA import retrieves the flag. I made 3 import jobs: Users, Groups and user matching, and Active flag. I think "active" may be stored in Crowd DB, not LDAP.


Attributes retrieved by Insigth: 

seen by insight.PNG


Attributes retrieved by Apache Directory Studio:

seen by ldap apache directory studio.PNG

Suggest an answer

Log in or Sign up to answer
AUG Leaders

Atlassian Community Events