Community
Products
Crowd
Questions
What is the best way to configure directories in Crowd?

What is the best way to configure directories in Crowd?

We are running Crowd with Jira, Fisheye and Crucible in our company with about 500-1000 users.

What are the best practices in configuring Crowd directories to control authentication to each application? We are using a delegated authentication directory and will have many users needing access to all applications and many different groups.

Would it be best to create one Crowd directory containing all of the users/groups for each application ex.

Company directory

jira-users
jira-administrators
jira-developers
fisheye-users
fisheye-administrators
fisheye-developers
crucible-users
crucible-administrators

- crucible-developers

~OR

Create a separate Crowd directory for each application ex.

Jira directory
- jira-users
- jira-administrators
- jira-developers
Fisheye directory
- fisheye-users
- fisheye-administrators
- fisheye-developers
Crucible directory
- crucible-users
- crucible-administrators
- crucible-developers

Also we will be using SSO-- is this configurable with both options?

Thanks!

2 answers

1 accepted

I thik it really boils down to how users will use the various tools. If everyone will use everything and can see everything, I'd keep things simple and use the same group to control similar access on all tools. For example, create a "users" group, dump everyone in there and grant the "users" group permissions to log in and do basic functions on each application. If you have more distinction with your userbase, you might need to break things up as you suggest. I see companies that do this both ways. It just depends on your license and security situation. I'm in favor of not adding complexity for complexity's sake, personally.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

If your situation permits, I recommendone Crowd directory as Dave mentioned. If you have multiple Crowd directories, you have to add a user who will use all of Jira, Fishehe and Crucible into each directory. It's a troublesome task.

You can also use multiple Crowd directories in order to use multiple directory types. For example, one direcory is LDAP Delegated Authentication and another is Crowd Internal Directory.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Thanks Shun!

Will all of the groups within that directory show up in each application?

If so, does that count towards the license limit in the application?

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Yes all groups will show up in each application.

But only the people who can actually log into your application count towards your license limit.

Best regards,

Peter

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Suggest an answer

Crowd

Products

Interests

Groups

Community resources

Support

What is the best way to configure directories in Crowd?

2 answers

1 accepted

Suggest an answer

Meet the community IRL

Maggie Roney

The Crowd team is looking for feedback on Server & Data Center customers' identity strategies!

Atlassian User Groups

Find my local user group

Groups near you