We are running JIRA 6.3.7 and authenticate to our LDAP directory. I would like to create a read-only group for JIRA users. I created a group in Active Directory called "jira-viewers" and added the AD account to that group. Within JIRA, I added the jira-viewers group to the jira-users permission. I also gave the jira-viewers group the ability to browse projects in our two permission schemes. However, the AD account, which is a member of the jira-viewers group cannot log in. It just says "username and password are incorrect". If a move that AD account to the jira-users AD group, it can log in successfully. Can someone explain why that account can't log in when it's a member of our jira-viewers group?
Thank you,
Do you have any other ideas as to why "juser" can't login?
Yes it is the Global Permission "JIRA Users" that the "jira-viewers" group was given. This is what I see in the logs:
atlassian-jira-security.log.1:2015-06-29 09:23:24,212 http-bio-8080-exec-22 anonymous 563x14208x1 qn7nqa 10.42.18.104,127.0.0.1 /rest/gadget/1.0/login login : 'juser' tried to login but they do not have USE permission or weren't found. Deleting remember me cookie.
atlassian-jira-security.log.1:2015-06-29 09:23:24,224 http-bio-8080-exec-22 anonymous 563x14208x1 qn7nqa 10.42.18.104,127.0.0.1 /rest/gadget/1.0/login The user 'juser' has FAILED authentication. Failure count equals 2
In User Management, "juser" is clearly in the jira-viewers group. It's like the system is ignoring the Global Permission "JIRA Users" for members of the jira-viewers group.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Don,
Just to be sure, when you say I added the jira-viewers group to the jira-users permission, you are mentioning the "JIRA Users" Global Permission, correct?
If so, can you check in your $JIRA_HOME/log/atlassian-jira.log (and in the atlassian-jira-security.log in the same folder, if you have it) if is there any error messages when trying to log in?
Cheers,
Andre
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.