Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

JIRA - LDAP Integration

Has anyone integrated their JIRA instance with LDAP? We use AD and are planning to integrate JIRA w/ LDAP to make things easier. What was your experience in doing this? Was the process smooth and are there any issues that may pop up in doing this?

3 comments

Hi @Jess Beitler 


It is built-in functionality in Jira to setup LDAP user directories, either as a synchronized Active Directory or delegated LDAP with local write permissions. With delegated LDAP, Jira has only knowledge about users which have logged in at least once.

It should be quite straight forward to set it up. In the User Management configurations you find a page for User Directories and here you can add your LDAP user directories. Note that, if you have multiple directories active, the user lookup happening when users log in is done according to the user directory order (see up and down arrows in the user directory table).

With a LDAP user directory in Jira, your AD users should be able to log in with their AD credentials.  With AD and the Kantega SSO app for Jira , you can also setup Kerberos to give all users on a trusted network direct and password-free access to Jira. Kerberos works also in combination with other SSO mechanisms such as SAML.

Regards,
Jon Espen

Full disclosure: I work for Kantega SSO, a top marketplace vendor.

Hello Jess,

it's not that hard but here are some random tips:

  • I recommend having a system engineer with good AD knowledge with you while doing the actual configuration
  • You can use multiple user directories in Jira, the order in which they’re configured matters for group management and for passwords. You need to know the different configuration options such as Read Only, Read Only with Local Groups and Read Write.
  • Know which password will be the master password when a user exists in multiple user directories.

  • There are great docs by Atlassian to refer to:
  • When using nested groups, you can't use an  LDAP directory for delegated authentication

Thanks for the responses. I have another question. If there are inactive users w/ associations, what happens to those associations when we finally do integrate JIRA with LDAP?

Comment

Log in or Sign up to comment
TAGS
Community showcase
Published in Trello

How Amy Bauer of Front Yard Veggies uses Trello to make moves: big and small

Hey Trello users, Today we have a special treat: Gardener, mom, and content creator @Amy Bauer shares her career path from marketing guru and fitness entrepreneurship into project management around...

27 views 0 2
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you