Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Interests
See all
Community resources
Top groups
Explore all groups
Community resources

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Get started Tell me more
Atlassian Community about banner
4,297,240
Community Members
 
Community Events
165
Community Groups

LDAP usage in Crowd 3.1.3

Deleted user Apr 11, 2018

Hi,

we want to use Crowd for the user management of several Jira and confluence servers with different users and groups. We also want to use our company wide Active Directory (where we don't have writing rights) as user base and authentication server. How do we get on for that?

I have installed the trial version of Crowd on a server and configured our Active Directory as Crowd Delegated Authentication directory. The test was successful, but even an empty user search does not give any result.

I followed the instructions on https://confluence.atlassian.com/crowd/getting-started-with-crowd-197298051.html

Now I am in doubt whether I should have chosen the first LDAP variant instead of the "delegated authentication"? I thought this couldn't be it as we can't store our Jira and confluence groups in the company Active Directory.

 

Answer
Watch
Like Be the first to like this
1290 views

1 answer

1 accepted

0 votes
Answer accepted
Bruno Vincent
Bruno Vincent Apr 11, 2018 • edited

Hi @[deleted]

That's right, you should have chosen an LDAP directory connector instead of a delegated authentication one: https://confluence.atlassian.com/crowd/configuring-an-ldap-directory-connector-18579550.html

With delegated authentication, users are only retrieved in Crowd after they successfully authenticate.

You don't need to have any write privilege on AD for standard LDAP directory connector. The connector will synchronize users and groups from AD into Crowd and won't do any write operations on AD, at least if you don't want to. You should configure the connector with an AD user that does not have any write privileges on AD.

View More Comments
Deleted user Apr 11, 2018

Merci beaucoup!

Like
Bruno Vincent
Bruno Vincent Apr 11, 2018 • edited

You're welcome @[deleted]!

I've edited and completed my answer as some community readers might want to use Crowd to do write operations on AD, which is also feasible. If you do not want Crowd to write anything on AD:

  • Configure the connector with an AD read-only user
  • Make sure to uncheck all Add/Modify/Remove boxes in the permissions tab of your directory in Crowd's console
Like
Reply

Suggest an answer

Log in or Sign up to answer
Crowd
Crowd
TAGS
Community showcase
Angélica Luz
Angélica Luz
Posted in Jira Service Management

Jira Service Management Documentation Opportunities

Hello everyone, Hope everyone is safe! A few months ago we posted an article sharing all the new articles and documentation that we, the AMER Jira Service Management team created. As mentioned ...

342 views 0 10
Join discussion

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you