Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Active directory sync problems

Justin W Culbreth
Justin W Culbreth July 31, 2018

I have set up an Active Directory server directory to sync with (Read Only w/ Local Groups) - I can disable/re-enable the directory under user management, trigger a sync, and all users will appear (approximately 350). 

However the users will disappear every time, sometimes this happens immediately, sometimes it may take five minutes.

I have noticed that once I have used an account from my active directory (as an issue reporter) it is added to the internal directory.  However shortly afterwards, the username gets crossed out and has "(inactive)" listed underneath it.

EDIT:  I am trying to sync up my users as customers only.  That way they are able to log into the customer portal with their AD credentials, and I don't have to send them an invitation.

 

 

SETUP:

JIRA Service Desk 3.14.0

JIRA Core 7.11

Running JIRA on-premises (Windows Server 2016) connected to a separate database server running Server 2012 with SQL 2014.

Answer
Watch
Like Be the first to like this
9529 views

3 answers

1 accepted

3 votes
Answer accepted
Justin W Culbreth
Justin W Culbreth August 1, 2018

I ended up disabling the AD user directory I created, and created a new LDAP directory.  Everything is now working as it should.

Reply
0 votes
Justin W Culbreth
Justin W Culbreth July 31, 2018

..

Reply
0 votes
Moses Thomas
Moses Thomas
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
July 31, 2018

@Justin W Culbreth

Have you Created groups in active directory /LDAP  in which users will belong to in oder to be able to access jira  SD (for example active_jira_users, active_confluence_users), application access must also be configured in your Jira  SD server using these groups

 

Best!

View More Comments
Justin W Culbreth
Justin W Culbreth July 31, 2018

I am currently using the "domain users" AD group - I did try creating a separate group (i.e. Jira users) but I ran into the same results.

I have also assigned the accounts (within the AD group) the "service desk customer" role within the project.

The problem is that the accounts disappear shortly after I go through and grant them permissions.

Like
Moses Thomas
Moses Thomas
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
July 31, 2018

@Justin W Culbrethhave you configured  the  same group  in  AD  to  be in application access  in your JIRA SD  if yes  then  it  should  synchronize without any  issues  and user should not disappear because  they are in this group  in  AD. 

Like
Justin W Culbreth
Justin W Culbreth July 31, 2018

The AD group that all of my users belong to is listed under the "Service Desk Customers" role for the project - 

roles.PNG

Like
Moses Thomas
Moses Thomas
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
July 31, 2018

So  do you  have the same groups configure  in JIRA SD  in application  access ?

Like
Justin W Culbreth
Justin W Culbreth July 31, 2018

So now I'm very confused, these are customers that I am trying to sync into the system - do they require "application access" as defined by Jira?  Adding them on that page simply gives me an error regarding my license count

Like
Moses Thomas
Moses Thomas
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
July 31, 2018

@Justin W CulbrethIn application access you  have the group  jira-service-desk-users  so  in AD you  should have the same group name  to  allow   syncro   and  user must be  in this  group in AD.

Like
Justin W Culbreth
Justin W Culbreth July 31, 2018

Right but those service-desk-users count against my licenses -I'm simply trying to sync up customer names and logins so that they can log into the customer portal using their AD credentials.

Like
Moses Thomas
Moses Thomas
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
August 1, 2018

@Justin W Culbreth

Great !  that it works !  fine now, please mark  this question  as solved/accepted so   that others can  use  answer  here.

 

Best!

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira Service Desk
Jira Service Management
TAGS
AUG Leaders

Atlassian Community Events

    See all events