It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Avoid importing groups from Active Directory but link users with the regular JIRA groups.

Hello,

I've connected JIRA 5.0.1 to our MS Active Directory by creating a new user directory in JIRA. All my users from the AD are well added to this new JIRA directory.

However groups linked to those imported users come from the AD and are not the groups previously defined in JIRA (such jira-users, jira-developers, …).

Is there a way to link existing group from JIRA and to avoid importing the groups from the Active Directory when I'm importing users from AD?

Thank you.



3 answers

1 accepted

17 votes
Answer accepted

Hi there,

In order to use JIRA groups for your LDAP users you will need to configure your LDAP directory to use "Read Only with Local Group" permission setting.

In order to avoid your directory to synchronize the LDAP groups into your JIRA, you will need to create a search filter that can't retrieve any groups. For example using "DummyValue" such as

(objectCategory=DummyValue)

In order to configure a default group(s) for all of your LDAP users, you could use "Adding Users to Groups Automatically". This feature will allow your LDAP users to be added into the configured local group(s) automatically during their first log-in.

Hope it helps.

Cheers,
Septa Cahyadiputra

Hi Septa,

Thank you very much for your answer, it helps in this way that my imported users are not linked to AD groups.

However is there a way to assign default JIRA groups when importing those users such it works when I create a user manually in JIRA? Do we exclusively need working with Crowd for that?

Thank you!

François.

Yes, it is possible. Just update my first answer, please refer to my edited answer.

Cheers,
Septa Cahyadiputra

Pleasure is all mine :)

Septa,

absolutely perfect! Thank you very much for your great help.

François.

2 votes

30 karma pts should be granted to Septa's answer.. That is correct..

What more are you looking for in this?

ouch on that down-vote?

Not sure what that was for - Harsh! - indeed Septa's answer was correct, after validating in our engineering as well.

1 vote

Depending on how big your AD is, if you have nested groups, and also if you want similar group management in more than one Atlassian app, you might want to consider using Crowd for additional controls and SSO between the apps ..

Here's for filtering in Crowd..

https://confluence.atlassian.com/display/CROWD/Restricting+LDAP+Scope+for+User+and+Group+Search

Suggest an answer

Log in or Sign up to answer
This widget could not be displayed.
This widget could not be displayed.
Community showcase
Published in Next-gen

Introducing subtasks for breaking down work in next-gen projects

Teams break work down in order to help simplify complex tasks. This is often done iteratively, with tasks being broken down into smaller tasks and so on until the work is accurately captured in well-...

2,171 views 14 17
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you