Implementing LDAP in Jira 5.2.3

Hi,

We have requirement to implement LDAP for exisitng Jira 5.2.3 set-up ( working fine with internal directory ) .

Till now , whenever we created new Jira user (as Jira admin ) , we set username same as password . Later on , corresponding user changes it if needed .

But this is not secure enough , so implementing LDAP ( to make it work with our corporate LDAP) will make it more secure and everyone will be to use their global corporate username/password.

So far i have understood Jira , currenly it is using our internal directory for this purpose ( which is by default configured )

I came across below docs for implementing LDAP:

https://confluence.atlassian.com/display/JIRA/Connecting+to+an+LDAP+Directory

and

https://confluence.atlassian.com/display/JIRA/Connecting+to+an+Internal+Directory+with+LDAP+Authentication

I dont understand , what is the difference between two above ? which one , we should go for ?

We tried implementing both of them , but neither works for us :-(. I mean after configuring them , still we are not able to login through LDAP user/password. Are we missing on ant of steps ?

In case , any one who has already implemented it , advise us , would be very great .

Please let me know , if any other is info is needed from my end.

Thank you ,

Vishal Chugh



6 answers

This widget could not be displayed.
If you want to reuse the existing users, then configure internal directory with ldap authentication and migrate users from internal directory to this new directory. After migration make the new directory as the first one in directory order.

Hi Ranjith,

Thank you for assisting with this .

We tried this , but it din't work :-( . Test connection to LDAP went succerssful but after migrating all users from internal to new LDAP (with internal ) , no user was able to login , neither through LDAP user/password or with orginal user/password , so we had to roll back the changes . Can you please advise ?

Also , is there any mandatory condition that all users must be in "logged out" stage while performing migration ? ( just a query )

Thank you,

Vishal Chugh

Are the users in LDAP has the same password as in JIRA?

This widget could not be displayed.

Hi Ranjith ,

We tried it again , this doesnt work :-( ...

Thanks,

Vishal Chugh

This widget could not be displayed.

Hi Zulfadli,

We have already exisitng Jira setup ( configured with deafult internal directory ). Now , we have requirement to implement LDAP in Jira , so that users will be able to login with their interanet global corporate username/password (which they use to login to their machines ) .

Then passwords ( in internal directory of Jira ) will be surely different from passwords in LDAP.

This widget could not be displayed.

Sadly , as soon as , we implement it with steps (same as Ranjith mentioned above ) , it breaks the authentication of Jira applicaiton completely . I mean , then no one is able to login with any of credentials :-( , which is very annoying . Thankfully , we had snapshot to revert back .

This widget could not be displayed.

Hi Vishal,

To troubleshoot this issue, you might need to add a unique administrator user registered under your internal directory. Hence, after applying the mentioned steps by Ranjith if it is not successful, you can use this user to login and re-order the directory.

To understand more of your issue, you might want to scheme trough your atlassian-jira.log which is located in <JIRA_HOME_Dir>/logs/ after replicating the issue on your end. JIRA should give you some failure indication which we might be able to deduct if you posted here.

Please noted that this is a public thread so you might need to censored your log.

Cheers,
Septa Cahyadiputra

This widget could not be displayed.

Hi Septa ,

While providing LDAP details to configure "Internal directory with LDAP" , test connection goes successful , followed by successful migration and then re-sorting user directories order to look first in this new configured directory then to internal dorectory . With all this , we understood all is fine but then when we try to login , it breaks :-( ....Sorry , not sure , if jira.log will give any useful info in this regard .

Thanks,

Vishal Chugh

Hi Vishal,

The mentioned test connection is just JIRA trying to bind the LDAP server. While authentication failure could be due to multiple causes such as wrong search filter, insufficient privilege to read into a specific tree where the user is located and others.

We hope your logs will give you some insight of the cause of the issue. Just to confirm, users authentication is rejected by JIRA and need to try again right instead of log-in successful but can't see anything on your instance.

Cheers,
Septa Cahyadiputra

Hi Septa,

We will soon give another attempt to this ( don't want to touch at this moment , as most of users are currently logged in and busy with Jira ) and will share updates...

Thank you so much for guiding though this.

Thanks,

Vishal Chugh

Suggest an answer

Log in or Sign up to answer
Atlassian Summit 2018

Meet the community IRL

Atlassian Summit is an excellent opportunity for in-person support, training, and networking.

Learn more
Community showcase
Posted Wednesday in New to Jira

Are you planning to trial, or are currently trialling Jira Software? - We want to talk to you!

Hello! I'm Rayen, a product manager at Atlassian. My team and I are working hard to improve the trial experience for Jira Software Cloud. We are interested in   talking to 20 people planning t...

128 views 2 0
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you