Avoid importing groups from Active Directory but link users with the regular JIRA groups.

Hello,

I've connected JIRA 5.0.1 to our MS Active Directory by creating a new user directory in JIRA. All my users from the AD are well added to this new JIRA directory.

However groups linked to those imported users come from the AD and are not the groups previously defined in JIRA (such jira-users, jira-developers, …).

Is there a way to link existing group from JIRA and to avoid importing the groups from the Active Directory when I'm importing users from AD?

Thank you.



3 answers

1 accepted

Hi there,

In order to use JIRA groups for your LDAP users you will need to configure your LDAP directory to use "Read Only with Local Group" permission setting.

In order to avoid your directory to synchronize the LDAP groups into your JIRA, you will need to create a search filter that can't retrieve any groups. For example using "DummyValue" such as

(objectCategory=DummyValue)

In order to configure a default group(s) for all of your LDAP users, you could use "Adding Users to Groups Automatically". This feature will allow your LDAP users to be added into the configured local group(s) automatically during their first log-in.

Hope it helps.

Cheers,
Septa Cahyadiputra

Hi Septa,

Thank you very much for your answer, it helps in this way that my imported users are not linked to AD groups.

However is there a way to assign default JIRA groups when importing those users such it works when I create a user manually in JIRA? Do we exclusively need working with Crowd for that?

Thank you!

François.

Yes, it is possible. Just update my first answer, please refer to my edited answer.

Cheers,
Septa Cahyadiputra

Septa,

absolutely perfect! Thank you very much for your great help.

François.

30 karma pts should be granted to Septa's answer.. That is correct..

What more are you looking for in this?

ouch on that down-vote?

Not sure what that was for - Harsh! - indeed Septa's answer was correct, after validating in our engineering as well.

Depending on how big your AD is, if you have nested groups, and also if you want similar group management in more than one Atlassian app, you might want to consider using Crowd for additional controls and SSO between the apps ..

Here's for filtering in Crowd..

https://confluence.atlassian.com/display/CROWD/Restricting+LDAP+Scope+for+User+and+Group+Search

Suggest an answer

Log in or Sign up to answer
Atlassian Community Anniversary

Happy Anniversary, Atlassian Community!

This community is celebrating its one-year anniversary and Atlassian co-founder Mike Cannon-Brookes has all the feels.

Read more
Community showcase
Julia Dillon
Posted Tuesday in Jira

Tell us how your team runs on Jira!

Hey Atlassian Community! Today we are launching a bunch of customer stories about the amazing work teams, like Dropbox and Twilio, are doing with Jira. You can check out the stories here. The thi...

225 views 1 18
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you