Implementing LDAP in Jira 5.2.3

Hi,

We have requirement to implement LDAP for exisitng Jira 5.2.3 set-up ( working fine with internal directory ) .

Till now , whenever we created new Jira user (as Jira admin ) , we set username same as password . Later on , corresponding user changes it if needed .

But this is not secure enough , so implementing LDAP ( to make it work with our corporate LDAP) will make it more secure and everyone will be to use their global corporate username/password.

So far i have understood Jira , currenly it is using our internal directory for this purpose ( which is by default configured )

I came across below docs for implementing LDAP:

https://confluence.atlassian.com/display/JIRA/Connecting+to+an+LDAP+Directory

and

https://confluence.atlassian.com/display/JIRA/Connecting+to+an+Internal+Directory+with+LDAP+Authentication

I dont understand , what is the difference between two above ? which one , we should go for ?

We tried implementing both of them , but neither works for us :-(. I mean after configuring them , still we are not able to login through LDAP user/password. Are we missing on ant of steps ?

In case , any one who has already implemented it , advise us , would be very great .

Please let me know , if any other is info is needed from my end.

Thank you ,

Vishal Chugh



6 answers

0 vote
Renjith Pillai Community Champion Apr 07, 2013
If you want to reuse the existing users, then configure internal directory with ldap authentication and migrate users from internal directory to this new directory. After migration make the new directory as the first one in directory order.

Hi Ranjith,

Thank you for assisting with this .

We tried this , but it din't work :-( . Test connection to LDAP went succerssful but after migrating all users from internal to new LDAP (with internal ) , no user was able to login , neither through LDAP user/password or with orginal user/password , so we had to roll back the changes . Can you please advise ?

Also , is there any mandatory condition that all users must be in "logged out" stage while performing migration ? ( just a query )

Thank you,

Vishal Chugh

Are the users in LDAP has the same password as in JIRA?

Hi Ranjith ,

We tried it again , this doesnt work :-( ...

Thanks,

Vishal Chugh

Hi Zulfadli,

We have already exisitng Jira setup ( configured with deafult internal directory ). Now , we have requirement to implement LDAP in Jira , so that users will be able to login with their interanet global corporate username/password (which they use to login to their machines ) .

Then passwords ( in internal directory of Jira ) will be surely different from passwords in LDAP.

Sadly , as soon as , we implement it with steps (same as Ranjith mentioned above ) , it breaks the authentication of Jira applicaiton completely . I mean , then no one is able to login with any of credentials :-( , which is very annoying . Thankfully , we had snapshot to revert back .

Hi Vishal,

To troubleshoot this issue, you might need to add a unique administrator user registered under your internal directory. Hence, after applying the mentioned steps by Ranjith if it is not successful, you can use this user to login and re-order the directory.

To understand more of your issue, you might want to scheme trough your atlassian-jira.log which is located in <JIRA_HOME_Dir>/logs/ after replicating the issue on your end. JIRA should give you some failure indication which we might be able to deduct if you posted here.

Please noted that this is a public thread so you might need to censored your log.

Cheers,
Septa Cahyadiputra

Hi Septa ,

While providing LDAP details to configure "Internal directory with LDAP" , test connection goes successful , followed by successful migration and then re-sorting user directories order to look first in this new configured directory then to internal dorectory . With all this , we understood all is fine but then when we try to login , it breaks :-( ....Sorry , not sure , if jira.log will give any useful info in this regard .

Thanks,

Vishal Chugh

Hi Vishal,

The mentioned test connection is just JIRA trying to bind the LDAP server. While authentication failure could be due to multiple causes such as wrong search filter, insufficient privilege to read into a specific tree where the user is located and others.

We hope your logs will give you some insight of the cause of the issue. Just to confirm, users authentication is rejected by JIRA and need to try again right instead of log-in successful but can't see anything on your instance.

Cheers,
Septa Cahyadiputra

Hi Septa,

We will soon give another attempt to this ( don't want to touch at this moment , as most of users are currently logged in and busy with Jira ) and will share updates...

Thank you so much for guiding though this.

Thanks,

Vishal Chugh

Suggest an answer

Log in or Join to answer
Community showcase
Sarah Schuster
Posted Jan 29, 2018 in Jira

What are common themes you've seen across successful & failed Jira Software implementations?

Hey everyone! My name is Sarah Schuster, and I'm a Customer Success Manager in Atlassian specializing in Jira Software Cloud. Over the next few weeks I will be posting discussion topics (8 total) to ...

3,345 views 14 20
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you
Atlassian Team Tour

Join us on the Team Tour

We're bringing product updates and pro tips on teamwork to ten cities around the world.

Save your spot