We are using Active Directory for our JIRA user directory. My question is does JIRA cache the Active Directories password and sync at a certain interval? If so is there a way to change the interval? Or does JIRA do an active read on the active directory at the time of log in to verify the username/password? We are using JIRA 6.0.8
JIRA does not cache users' Active Directory passwords. Based on monitoring network traffic between our JIRA server and the AD controller, I noticed that JIRA goes out to the controller each time a user makes a log-in attempt. The synchronization that occurs at a defined interval, which you can change, is for pulling in new/updated domain accounts and groups.
To sum up: if an existing user changes his/her domain password, a re-synchronization is not required. However, if this user is placed in a new AD group, then a re-synchronization would be required for JIRA to see the change.
JIRA does not cache user passwords in LDAP user directories. Authentication is done by the LDAP server.
JIRA only caches, name and email address for an account. By default every hour JIRA syncs. If you want more frequent syncs you will see the interval (with value 60) when you edit the directory in JIRA
Makes sense. Reason I ask is we are having users having password issues after they have changed their password in Active Directory. So my concern was maybe the password was cached and when they change their password in between the next cache it was causing this issue and having them lock out of our active directory. Since JIRA doesn't cache the passwords this would not be the cause for their issues I believe.
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
We're bringing product updates and pro tips on teamwork to ten cities around the world.Save your spot