Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Implementing LDAP in Jira 5.2.3

Vishal Chugh
Vishal Chugh April 7, 2013

Hi,

We have requirement to implement LDAP for exisitng Jira 5.2.3 set-up ( working fine with internal directory ) .

Till now , whenever we created new Jira user (as Jira admin ) , we set username same as password . Later on , corresponding user changes it if needed .

But this is not secure enough , so implementing LDAP ( to make it work with our corporate LDAP) will make it more secure and everyone will be to use their global corporate username/password.

So far i have understood Jira , currenly it is using our internal directory for this purpose ( which is by default configured )

I came across below docs for implementing LDAP:

https://confluence.atlassian.com/display/JIRA/Connecting+to+an+LDAP+Directory

and

https://confluence.atlassian.com/display/JIRA/Connecting+to+an+Internal+Directory+with+LDAP+Authentication

I dont understand , what is the difference between two above ? which one , we should go for ?

We tried implementing both of them , but neither works for us :-(. I mean after configuring them , still we are not able to login through LDAP user/password. Are we missing on ant of steps ?

In case , any one who has already implemented it , advise us , would be very great .

Please let me know , if any other is info is needed from my end.

Thank you ,

Vishal Chugh



Answer
Watch
Like Be the first to like this
266 views

6 answers

0 votes
Vishal Chugh
Vishal Chugh April 15, 2013

Hi Septa ,

While providing LDAP details to configure "Internal directory with LDAP" , test connection goes successful , followed by successful migration and then re-sorting user directories order to look first in this new configured directory then to internal dorectory . With all this , we understood all is fine but then when we try to login , it breaks :-( ....Sorry , not sure , if jira.log will give any useful info in this regard .

Thanks,

Vishal Chugh

View More Comments
Septa Cahyadiputra
Septa Cahyadiputra
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
April 15, 2013

Hi Vishal,

The mentioned test connection is just JIRA trying to bind the LDAP server. While authentication failure could be due to multiple causes such as wrong search filter, insufficient privilege to read into a specific tree where the user is located and others.

We hope your logs will give you some insight of the cause of the issue. Just to confirm, users authentication is rejected by JIRA and need to try again right instead of log-in successful but can't see anything on your instance.

Cheers,
Septa Cahyadiputra

Like
Vishal Chugh
Vishal Chugh April 15, 2013

Hi Septa,

We will soon give another attempt to this ( don't want to touch at this moment , as most of users are currently logged in and busy with Jira ) and will share updates...

Thank you so much for guiding though this.

Thanks,

Vishal Chugh

Like
Reply
0 votes
Septa Cahyadiputra
Septa Cahyadiputra
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
April 15, 2013

Hi Vishal,

To troubleshoot this issue, you might need to add a unique administrator user registered under your internal directory. Hence, after applying the mentioned steps by Ranjith if it is not successful, you can use this user to login and re-order the directory.

To understand more of your issue, you might want to scheme trough your atlassian-jira.log which is located in <JIRA_HOME_Dir>/logs/ after replicating the issue on your end. JIRA should give you some failure indication which we might be able to deduct if you posted here.

Please noted that this is a public thread so you might need to censored your log.

Cheers,
Septa Cahyadiputra

Reply
0 votes
Vishal Chugh
Vishal Chugh April 15, 2013

Sadly , as soon as , we implement it with steps (same as Ranjith mentioned above ) , it breaks the authentication of Jira applicaiton completely . I mean , then no one is able to login with any of credentials :-( , which is very annoying . Thankfully , we had snapshot to revert back .

Reply
0 votes
Vishal Chugh
Vishal Chugh April 15, 2013

Hi Zulfadli,

We have already exisitng Jira setup ( configured with deafult internal directory ). Now , we have requirement to implement LDAP in Jira , so that users will be able to login with their interanet global corporate username/password (which they use to login to their machines ) .

Then passwords ( in internal directory of Jira ) will be surely different from passwords in LDAP.

Reply
0 votes
Vishal Chugh
Vishal Chugh April 15, 2013

Hi Ranjith ,

We tried it again , this doesnt work :-( ...

Thanks,

Vishal Chugh

Reply
0 votes
Renjith Pillai
Renjith Pillai
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
April 7, 2013
If you want to reuse the existing users, then configure internal directory with ldap authentication and migrate users from internal directory to this new directory. After migration make the new directory as the first one in directory order.
View More Comments
Vishal Chugh
Vishal Chugh April 9, 2013

Hi Ranjith,

Thank you for assisting with this .

We tried this , but it din't work :-( . Test connection to LDAP went succerssful but after migrating all users from internal to new LDAP (with internal ) , no user was able to login , neither through LDAP user/password or with orginal user/password , so we had to roll back the changes . Can you please advise ?

Also , is there any mandatory condition that all users must be in "logged out" stage while performing migration ? ( just a query )

Thank you,

Vishal Chugh

Like
Zul NS _Atlassian_
Zul NS _Atlassian_
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
April 15, 2013

Are the users in LDAP has the same password as in JIRA?

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events