Avoid importing groups from Active Directory but link users with the regular JIRA groups.

Hello,

I've connected JIRA 5.0.1 to our MS Active Directory by creating a new user directory in JIRA. All my users from the AD are well added to this new JIRA directory.

However groups linked to those imported users come from the AD and are not the groups previously defined in JIRA (such jira-users, jira-developers, …).

Is there a way to link existing group from JIRA and to avoid importing the groups from the Active Directory when I'm importing users from AD?

Thank you.



3 answers

1 accepted

Hi there,

In order to use JIRA groups for your LDAP users you will need to configure your LDAP directory to use "Read Only with Local Group" permission setting.

In order to avoid your directory to synchronize the LDAP groups into your JIRA, you will need to create a search filter that can't retrieve any groups. For example using "DummyValue" such as

(objectCategory=DummyValue)

In order to configure a default group(s) for all of your LDAP users, you could use "Adding Users to Groups Automatically". This feature will allow your LDAP users to be added into the configured local group(s) automatically during their first log-in.

Hope it helps.

Cheers,
Septa Cahyadiputra

Hi Septa,

Thank you very much for your answer, it helps in this way that my imported users are not linked to AD groups.

However is there a way to assign default JIRA groups when importing those users such it works when I create a user manually in JIRA? Do we exclusively need working with Crowd for that?

Thank you!

François.

Yes, it is possible. Just update my first answer, please refer to my edited answer.

Cheers,
Septa Cahyadiputra

Septa,

absolutely perfect! Thank you very much for your great help.

François.

30 karma pts should be granted to Septa's answer.. That is correct..

What more are you looking for in this?

ouch on that down-vote?

Not sure what that was for - Harsh! - indeed Septa's answer was correct, after validating in our engineering as well.

Depending on how big your AD is, if you have nested groups, and also if you want similar group management in more than one Atlassian app, you might want to consider using Crowd for additional controls and SSO between the apps ..

Here's for filtering in Crowd..

https://confluence.atlassian.com/display/CROWD/Restricting+LDAP+Scope+for+User+and+Group+Search

Suggest an answer

Log in or Join to answer
Community showcase
Sarah Schuster
Posted Jan 29, 2018 in Jira

What are common themes you've seen across successful & failed Jira Software implementations?

Hey everyone! My name is Sarah Schuster, and I'm a Customer Success Manager in Atlassian specializing in Jira Software Cloud. Over the next few weeks I will be posting discussion topics (8 total) to ...

2,803 views 11 18
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you
Atlassian Team Tour

Join us on the Team Tour

We're bringing product updates and pro tips on teamwork to ten cities around the world.

Save your spot