Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Is it possible to have mixed mode authentication (LDAP and JIRA internal) in JIRA Data Center?

Inigo Montoya
Inigo Montoya
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
June 17, 2020

My company has JIRA datacenter, and we use JIRA internal authentication. We would like to switch to LDAP, but we have some JIRA integrations developed internally that won't be able to be ported to use LDAP authentication any time soon.

My question is: Is it possible to set-up JIRA in such a way that it is able to authenticate some users using LDAP and authenticate another limited set of users using JIRA internal directory? If the answer is yes, then could someone please point me to the right documentation? My limited efforts in searching for this information yielded no results.

Thanks!

-IM

Answer
Watch
Like Be the first to like this
477 views

1 answer

1 vote
Jon Espen Ingvaldsen Kantega SSO
Jon Espen Ingvaldsen Kantega SSO
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
June 17, 2020

You make use of both Jira internal and a LDAP directory in parallel. The standard way this is handled is by assigning priority order to the user directories in Jira. If you have user duplicates (users with the same username in multiple user directories), the user record and permissions found in the user directory with the highest order will apply.

The "up" and "down" arrows in the user directory page allow you to change the priority order. 

I do not see any other standard and facilitated way of applying user directories to a limited subset of users (without deactivating users manually). 

Regards,

Jon Espen
Kantega SSO

View More Comments
Radek Dostál
Radek Dostál
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
June 17, 2020

Exactly as Jon says - it's a standard practice to keep 2 and more directories in parallel and the order plays the most important role there.

 

For example, after switching to LDAP authentication, you will still require a service account, or well, any internal account that will be able to do maintenance and updates of that LDAP authentication settings in Jira (you cannot modify the user directory you are logged in through, to prevent locking yourself out).

Like Jon Espen Ingvaldsen Kantega SSO likes this
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events