Need help translating ldapsearch to Jira LDAP configuration.

Deleted user March 11, 2016

I'm trying to get JIRA to authenticate to an internal LDAP server.  I have an ldapsearch command that lists the users in the group, but I can't get the JIRA configuration to authenticate properly. The ldap search command is:

ldapsearch -x -h <FQDNofServer> -b ou=memberlist,ou=ibmgroups,o=ibm.com "cn=<ParticularGroup>"

(of course, the <> are replaced with the actual values)

The output of this list all of the users in that group, so it seems to be working... the question is,  how do I translate to the ldap configuration?

I can configure JIRA so that any user that is in the overall directory can authenticate, but I can't narrow it down to the <ParticularGroup>

Key values in Jira:

Base DN:  ou=memberlist,ou=ibmgroups,o=ibm.com

Additional User DN: cn=<ParticularGroup>

I'm fairly confident that everything else is correct, because I can modify to this and any user in the directory can login:

Base DN: o=ibm.com

Additional User DN: ou=bluepages

 

thanks,

1 answer

0 votes
Daniel Santos
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 13, 2016

Hi John,

    The base DN is the common path for both group and user objects.
    So if you use:

Base DN:  ou=memberlist,ou=ibmgroups,o=ibm.com
    Additional User DN:



    Jira will start to search for users at cn=<ParticularGroup>,ou=memberlist,ou=ibmgroups,o=ibm.com, but you may not have user objects there. User objects are different from group objects. The conbination of Base DN and Additional User DN needs to return branch from your LDAP where your users can be found.

    If you use:

Base DN: o=ibm.com
    Additional User DN: ou=bluepages



    You probably can restrict your users by using the following User Object Filter:

(&amp;(objectCategory=Person)(sAMAccountName=*)(memberOf=cn=&lt;ParticularGroup&gt;,ou=memberlist,ou=ibmgroups,o=ibm.com))


    Please notice this is just a guess, since I don't know your LDAP structure.

    You can find detailed information regarding the LDAP and filters from:

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events