Remote Crowd directory test successful, yet user fails to authenticate

Thanks for the direction Ann.  The error message displayed in the browser is "You do not have a permission to log in. If you think this is incorrect, please contact your JIRA administrators."  I don't see any errors in atlassian-jira.log, However, I find them in the file atlassian-jira-security.log.  The error messages I see are:

The user 'jseymour' is NOT AUTHORIZED to perform to login for this request.
login : 'jseymour' tried to login but they do not have USE permission or weren't found. Deleting remember me cookie.
The user 'jseymour' is NOT AUTHORIZED to perform this request.
The user 'jseymour' is NOT AUTHORIZED to perform to login for this request (16 times)

The message that reads "... do not have USE permission ..." is soemwhat specific.  I logged on to Crowd and made sure that this user is add to Jira application in Crowd.  It sounds like this is some kind of configuration related issue that I have not figured out yet.  

Any help is greatly appreciated please.

Thanks,

Rizwan

It sounds like the user is not in a group that has Global Permission for JIRA. (Cog wheel>system>Global permissions) The default is jira-users. The Crowd setup instructions recommend creating permission groups in Crowd:

"JIRA also requires particular groups to exist in the directory in order to authenticate users. You need to ensure that these three groups exist in the JIRA Directory in Crowd:
jira-users
jira-developers
jira-administrators"

Thanks Ann, This helped me move in the right direction, and my issue is resolved (almost). I also found this link searching for this solution: https://confluence.atlassian.com/jirakb/unable-to-login-to-jira-applications-596770904.html.

I already had the three groups in Jira Directory in Crowd - but those are in the internal directory, not Custom directory. Custom directory comes with its own groups. I just had to assign permissions for the groups in Custom Directory in Jira (Cog wheel>system>Global permissions). The reason why I said "almost" resolved is...

In my Global Permissions, I do not see "JIRA users" permissions, only "Browse Users". I assigned the custom group to "Browse Users" set of permissions but it did not work. Then I assigned the custom group to "JIRA administrators" and it worked. I need to figure out why I don't have "JIRA Users" permissions in my Global permissions. This is in JIRA, not in Crowd. If you happen to know the resolution to this, it would be great.

And again, thanks a lot for the help.

In JIRA go to Applications and then application Access. To log in, the user must belong to a group on that page: <Base_URL/secure/admin/ApplicationAccess.jspa. You can add your custom group at the bottom of the page:

Ann, Please ignore my question in the previous comment.  I think I resolved the issue I had.  I also had to assign Application Access to the Custom Directory groups in JIRA.  For instance, right now, I did the following in JIRA.  

Cog Wheel -> System -> Applications -> Application Access.  And here I added the custom directory groups to the application access.  And now the Custom directory users from the added groups are able to login to JIRA without having to add them to JIRA administrators.

From this point on, I think, any issues I may have may be related to the complex permission schemes I need to configure.  My primary issue with making the custom directory interface (RemoteDirectory) work is resolved.

Thanks a lot again!

Sorry, I posted my comment before reading your reply.  Thanks!  This Application Access page resolved my issue.