JIRA 6.1.7 connecting to Zimbra OpenLDAP for authentication.

Has anyone successfully acheived this? We are using the same LDAP settings that have worked for many other products, and while we can connect, no users are able to be looked up in the test mode.

More detail can of course be provided as needed.

Thanks in advance to any and all willing to help.

2 answers

1 accepted

This widget could not be displayed.

Through many hours of work and frustration, I finnially found this:

From Matt Doar Here

Matt Doar (ServiceRocket)

I got the "Internal Directory with LDAP Authentication" working with an instance of Zimbra LDAP server, which isn't one of the specific choices in the drop-down list. Here's what worked for me:

Generic Directory Server
Hostname: ldap.example.com
Username: uid=zimbra,cn=admins,cn=zimbra
Password: secret
Default Group Memberships: jira-users

Base DN: dc=example,dc=com
User Name Attribute: uid

Additional User DN: ou=people
User Object Class: zimbraAccount
User Object Filter: (uid=*)
User Name RDN Attribute: cn
User First Name Attribute: givenName
User Last Name Attribute: sn
User Display Name Attribute: displayName
User Email Attribute: mail

I also found LDAPManager (https://sourceforge.net/projects/ldapmanager) for OSX useful for debugging what attributes were present in the LDAP server.

This widget could not be displayed.

Zimbra accounts must be supported, https://confluence.atlassian.com/display/CROWD/LDAP+Object+Structures

Which connection are you using ?https://confluence.atlassian.com/display/CROWD/Configuring+an+LDAP+Directory+Connector

What error are you getting during the test?

If you/can you save does it synch?

IN general disable features like paging, nested groups, and increase timeouts, then run the test again.

It may help to loosed your object filters and go higher on the base DN for the user objects unless you are sure you have the right LDAP filters.

If still no luck, grab the relevent section of the logs and add them here.

Attempted with both

  • OpenLDAP
  • OpenLDAP Using Posix Schema

Connectors.

The error is "user not found" on the lookup test when entering known good users. I have used TCPDUMP to ensure that the connection is occuring, and have not seen any errors on the server side (zimbra). I will post more detail when I return to the office on Monday (such as the makup of the LDAP structure, it is VERY simple).

I am using the same search filiters on GitHub Enterprise and OpenFire to authenticate against Zimbra OpenLDAP.

Thanks for the assist.

Alright, in my exoerience here that lends to the object filters and paths if your not seeing auth or limit errors from the ldap server.

Do you have another application (apache directory studio is good) that will allow you to manually validate connection strings, filters and the base DN? Even another web app that uses that LDAP today and you can just do a quick sanity check on the config.

Always best to eliminate the easy stuff first ;)

Suggest an answer

Log in or Sign up to answer
Atlassian Summit 2018

Meet the community IRL

Atlassian Summit is an excellent opportunity for in-person support, training, and networking.

Learn more
Community showcase
Posted Aug 06, 2018 in Jira Service Desk

A is for Activate: Share your top Jira Service Desk onboarding tips for new users!

Hi, everyone! Molly here from the Jira Service Desk Product Marketing Team :).  In the spirit of this month's  august-challenge, we're sourcing stories of Jira Service Desk activation fro...

576 views 25 15
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you