I'm part of a supporting team for a fairly small Atlassian instance which includes JIRA, Confluence, and Stash. We rely on LDAP for authentication. Since we're limited on licenses, we need a way to not add our entire active directory to Atlassian, but at the same time give project owners/leads in Atlassian the ability to manage users for their project without having access to any other projects.
So far we've explored using groups vs. individual permissions. From what we understand, in order for a project owner/lead to manage a group they must be able to manage all groups for that Atlassian environment. Is that true? This is a deal breaker for us. Alternatively for individual permissions, we can let the project owner/lead manage the permissions, but again without giving the project owner/lead the ability to adjust the global permissions as well it can't work. The workaround has been to create a single global group which we as the supporting team have to individually add users to each and every time someone new needs access. This isn't a scalable solution for us.
Are we missing something? I understand theres another module called Crowd, but not sure this helps us attempt to keep our license usage under control while also allowing project owners/leads the ability to manage their own users.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.