It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

JIRA - LDAP delegated auth (sso) - First time user login

meena radhakrishnan May 02, 2012

For the LDAP delegated auth directory I have setup the default group membership as 'jira-users' ie..

Default Group Memberships
When a user in this directory authenticates successfully for the first time, they will be automatically added to the following groups:
jira-users (remove)

When a new user logs into JIRA, they get the message "Sorry, your username and password are incorrect - please try again."

but in the Crowd's log I see messages of successful group imports
2012-05-03 09:15:32,540 http-8095-3 INFO [] Imported user "xyz's membership of remote group "DD_MP" to directory "Delegated Authentication Directory".

After a manual synch on the Crowd directory from within JIRA the user is able to get in.

How do I set this up so that the first time user is able to get in successfully as jira-user?

3 answers

0 votes
meena radhakrishnan May 08, 2012

I got reply back from Atlassian's support saying that this is the expected behavior.

Is anyone using delegated auth? If you are, any recommendation on how to handle the above?

I would like to see the first time users being able to login to JIRA as a 'jira-users'.


0 votes
Aiping Zhang Jun 24, 2012

i'm trying to do the same but not having any luck yet.

0 votes
Colin Goudie Jun 25, 2012

There is a JIRA ticket open for this so VOTE it up!!

I got this ticket off Shihab after discussing this with him @ Summit

For a client I get around it a little bit doing it this way (By no means perfect)

Set JIRA to low sync time (1-5 minutes)

Modified Crowd so that on User Import (from one directory to another) it runs the code to add new users to the default groups

Setup 2 directories in crowd, 1 delegated and the other a normal LDAP connection that ISN'T used in any applications. You then can manually source the users into the delegated directory by doing the User Import between the 2 directories and the new users get added to the default groups.

When JIRA syncs it gets them.

Not perfect but if done as a procedure daily or whatever then the user accounts are generally ready for any new user to come along and their account is present and in the right groups.

Suggest an answer

Log in or Sign up to answer
This widget could not be displayed.
This widget could not be displayed.
Community showcase
Published in Jira

Try Jira Cloud for Outlook: Organize your work without leaving your inbox

Hi Atlassian community, My name is Max and I work on the product integration team at Atlassian. I am pleased to announce the early access program for the Jira Cloud add-in for Outlook. This add-in...

2,449 views 6 15
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you