How do I extend LDAP simple authentication to groups and user synchronisation?

stuartu February 12, 2012

We upgraded Jira from 4.1.1 about six months ago to Jira 4.4.1. Our Jira installation has only ever done basic authentication to our OpenLDAP server, i.e. our hostname, port, base dn and username attribute are configured, but nothing else.

I now want to synchronise our groups and user information from the same OpenLDAP server, but I am unsure of the approach to take with this.

Do I:
1. Create a new user directory and switch to that one
or
2. Edit my existing user directory

It seems that both options require some fudging of data at the database end, and I want to know which direction I should be pursuing.

Perhaps someone has done this before or can point me to some other thread or doc that can help.

2 answers

1 accepted

0 votes
Answer accepted
stuartu February 12, 2012

doh!... configuration issue with my LDAP User Schema Settings. Working fine now.

0 votes
stuartu February 12, 2012

Looks like I have to go with option 1. My existing LDAP in Jira was configured as "JIRA Delegated Authentication Directory" with directory type='Generic Directory Server'. I could not edit it until I did a SQL from the back end changing all my directory_id's to something else. Now I see this option does not allow me to configure advanced, user, group or membership schema.

I had earlier tried option 1, where I created a new directory with the directory type=OpenLDAP (Read Only Posix Schema). Before synchronising, I updated the CWD_USERS, CWD_MEMBERSHIP and CWD_USER_ATTRIBUTES to my new directory id, as I did not want duplicates coming down from LDAP. It sync'd my groups, and I can see it process my users, although nothing new was brought across due to them already being in sync.

There is, however, no user association with groups. In fact, I cannot see any users who are in this User Directory. Am I missing something?
