JIRA - LDAP delegated auth (sso) - First time user login

For the LDAP delegated auth directory I have setup the default group membership as 'jira-users' ie..

Default Group Memberships
When a user in this directory authenticates successfully for the first time, they will be automatically added to the following groups:
jira-users (remove)

When a new user logs into JIRA, they get the message "Sorry, your username and password are incorrect - please try again."

but in the Crowd's log I see messages of successful group imports
2012-05-03 09:15:32,540 http-8095-3 INFO [atlassian.crowd.directory.DelegatedAuthenticationDirectory] Imported user "xyz's membership of remote group "DD_MP" to directory "Delegated Authentication Directory".
...
....

After a manual synch on the Crowd directory from within JIRA the user is able to get in.

How do I set this up so that the first time user is able to get in successfully as jira-user?

3 answers

I got reply back from Atlassian's support saying that this is the expected behavior.

Is anyone using delegated auth? If you are, any recommendation on how to handle the above?

I would like to see the first time users being able to login to JIRA as a 'jira-users'.

thanks

i'm trying to do the same but not having any luck yet.

0 vote
Colin Goudie Community Champion Jun 25, 2012

There is a JIRA ticket open for this so VOTE it up!!

https://jira.atlassian.com/browse/JRA-26882

I got this ticket off Shihab after discussing this with him @ Summit

For a client I get around it a little bit doing it this way (By no means perfect)

Set JIRA to low sync time (1-5 minutes)

Modified Crowd so that on User Import (from one directory to another) it runs the code to add new users to the default groups

Setup 2 directories in crowd, 1 delegated and the other a normal LDAP connection that ISN'T used in any applications. You then can manually source the users into the delegated directory by doing the User Import between the 2 directories and the new users get added to the default groups.

When JIRA syncs it gets them.

Not perfect but if done as a procedure daily or whatever then the user accounts are generally ready for any new user to come along and their account is present and in the right groups.

Suggest an answer

Log in or Sign up to answer
How to earn badges on the Atlassian Community

How to earn badges on the Atlassian Community

Badges are a great way to show off community activity, whether you’re a newbie or a Champion.

Learn more
Community showcase
Published yesterday in Jira Software

How large do you think Jira Software can grow?

Hi Atlassian Community! My name is Shana, and I’m on the Jira Software team. One of the many reasons this Community exists is to connect you to others on similar product journeys or with comparabl...

309 views 4 9
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you