Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How to avoid creating certain LDAP groups when synchronizing?

Nicolas Bourdages
Nicolas Bourdages
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
November 4, 2015

Here's my situation. We have a LDAP directory which contains users and their group memberships. However, not all groups are useful in JIRA. Some are used for other applications.

I'll give an example:

"user1" is member of "jira.group1", "jira.group2" and "notjira.group1"

Currently, when user1 logs in, all 3 groups are created in JIRA. 

I'd like to make only groups in "jira." format be created automatically on login.

I've looked at this doc as suggested in other Answers posts, but that's not quite what I need. I want any user on that LDAP to be able to connect to JIRA regardless of the groups they belong to, I just don't want useless groups to be created when users belong to groups used in other apps.

Thanks for any help!

Answer
Watch
Like Be the first to like this
347 views

1 answer

1 accepted

0 votes
Answer accepted
Marcus Silveira
Marcus Silveira
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
November 4, 2015

Hi Nicolas,

If you change your Group Object Filter as mentioned by the Example 2 of that same doc and add the specific group names you want JIRA to retrieve, you should be able to get only the groups you want.

Please note the Group object filter field has a 255 character limitation in the database, so you won't be able to list too many groups in the field.

If you need more groups than you are able to filter, you may want to put them all as a nested group of another "parent" group and filter by this parent group with something like the query below

memberOf:1.2.840.113556.1.4.1941:=cn=ParentGroup,ou=groups,dc=company,dc=com

or put them on a separate DN and only get groups from inside that DN using the "Additional Group DN" field.

 

This doc may also be helpful here.

 

Hope this helps

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events