Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,551,681
Community Members
 
Community Events
184
Community Groups

Access from two active directory domains

 

Hello 

We have a Jira Server and all users are logged in from one given domain (aka domain1.com) through Active Directory.

 

Now we have to give access from another domain (aka domain2.com) . Both domains are trusted.

Should it work with Jira Server?  Do we need some add-on or 3rd-party app to support it? 

 

Thanks in advance

 

1 answer

1 accepted

3 votes
Answer accepted
Steve Thornhill
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Sep 01, 2022

You can define multiple access points into Jira out of the box to match what you are attempting. 

Just be aware of the ordering of the directory list if a user exists in both domains, the first in the list will be used to check credentials.

Ismael Jimoh
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Sep 01, 2022

What Steve described above is correct and so long as you are on JIRA server, you should be able to connect new directories without an add-on as described here.

Also note the point he made about directory positions.

If you have multiple directories however there are a few things I would recommend adding to what was suggested:

  1. Make sure users have the same username attribute across directories (if not, you will have the same user with multiple accounts),
  2. The group association is per directory so changing the order of your directory could revoke specific group membership for a user if he or she is not a part of the group in question.
  3. Watch out for your license. New directories bring in new users, make sure you constrain your connection filter as much as possible to avoid leading to a scenario where the application is not usable due to your change.


I will recommend testing out the directory connection on a test server before doing it on your production.

Rgds

Hi @Steve Thornhill@Ismael Jimoh as i understand @Mosh has asked about possibility to synchronise and provide access to Jira for users in different Active Directory which is "trusted" to the AD already connected to Jira

So the question is: will user from domain2 have access to JIra, if Jira is only connected to domain1, and domain1 has trust relation with domain2

This situation is possible when Jira has access only to one AD, but not to second AD, which makes impossible to connect second domain and use multiple directories in Jira

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events