share issue only with users that have JIRA access

Hello,

we have about 28000 Users in our Active Directory. Users with access to JIRA are less than 100.

When I share an issue, the list of the uses contains all 28k.
How can I change JIRA, so that this list only contains users that have JIRA access?

1 answer

When you use Active Directory as Jira User Directory you can use ldap filter to get only the user that have access to jira.
How do you grant you 100 User access to Jira?

In our case our jira users are members of active directory groups (jira-core-users and jira-software-users). we have also alot of users that dont have access to jira.
So i have created a filter to get only the user that are in the above mentioned groups. LDAP filter looks like this:

"ldap.user.filter": "
(&(objectCategory=Person)(sAMAccountName=*)
(|(memberOf:1.2.840.113556.1.4.1941:=cn=jira-core-users,OU=jira,OU=ourMainOU,DC=ourCompanyDc)
(memberOf:1.2.840.113556.1.4.1941:=cn=jira-software-users,OU=jira,OU=ourMainOU,DC=ourCompanyDc)))"

(the number behind membersOf is the LDAP matching rule OID, google it for more information)
that query has to be entered in your ad-settings in Jira in the user schema settings part in "User Object Filter":

jira_ldap_user.png

I would also give you a link to jira documentation but its not working today. so i hope this is enough help

Thanks Stefan.
But for this solution I need our IT, because they have to create & manage the LDAP Group.


Now, as JIRA Admin, I set these groups manually (Read Only, with Local Groups):
https://confluence.atlassian.com/display/AdminJIRAServer071/Connecting+to+an+LDAP+directory

Then i need more information how you "share" issues.
Do you mean that you add them as watchers or what are you doing to "share"?

Iam sure you cant restrict this feature in a simple way.
The clean way would be to import only the 100 Jira Users from Active Directory. Talk to your IT, its should not be a big effort and will make you work much easier in future.

But then, I always need the IT, when I want do add a user to JIRA.

This means additional IT tickets and waiting time I don't need  ;)

Suggest an answer

Log in or Sign up to answer
Community showcase
Asked Thursday in Jira Ops

I'm John Allspaw, Ask Me Anything about incident analysis and postmortems

I'm John Allspaw, co-founder of   Adaptive Capacity Labs, where we help teams use their incidents to learn and improve. We bring research-driven methods and approaches to drive effective inciden...

444 views 2 5
View question

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you