Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Access from two active directory domains

Mosh
Mosh September 1, 2022

 

Hello 

We have a Jira Server and all users are logged in from one given domain (aka domain1.com) through Active Directory.

 

Now we have to give access from another domain (aka domain2.com) . Both domains are trusted.

Should it work with Jira Server?  Do we need some add-on or 3rd-party app to support it? 

 

Thanks in advance

 

Answer
Watch
Like Be the first to like this
1137 views

1 answer

1 accepted

3 votes
Answer accepted
Steve Thornhill
Steve Thornhill
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 1, 2022

You can define multiple access points into Jira out of the box to match what you are attempting. 

Just be aware of the ordering of the directory list if a user exists in both domains, the first in the list will be used to check credentials.

View More Comments
Ismael Jimoh
Ismael Jimoh
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 1, 2022

What Steve described above is correct and so long as you are on JIRA server, you should be able to connect new directories without an add-on as described here.

Also note the point he made about directory positions.

If you have multiple directories however there are a few things I would recommend adding to what was suggested:

  1. Make sure users have the same username attribute across directories (if not, you will have the same user with multiple accounts),
  2. The group association is per directory so changing the order of your directory could revoke specific group membership for a user if he or she is not a part of the group in question.
  3. Watch out for your license. New directories bring in new users, make sure you constrain your connection filter as much as possible to avoid leading to a scenario where the application is not usable due to your change.


I will recommend testing out the directory connection on a test server before doing it on your production.

Rgds

Like
Oleksandr Tynetalo
Oleksandr Tynetalo March 15, 2023

Hi @Steve Thornhill@Ismael Jimoh as i understand @Mosh has asked about possibility to synchronise and provide access to Jira for users in different Active Directory which is "trusted" to the AD already connected to Jira

So the question is: will user from domain2 have access to JIra, if Jira is only connected to domain1, and domain1 has trust relation with domain2

This situation is possible when Jira has access only to one AD, but not to second AD, which makes impossible to connect second domain and use multiple directories in Jira

Like
Artur Moura
Artur Moura
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 29, 2023

Hi team, 

Currently, there is no option for Jira/Crowd to sync users from another trusted domain via one specific domain controller. 

Here in this https://jira.atlassian.com/browse/CWD-2978 suggestion, we can confirm this.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events