JIRA - LDAP delegated auth (sso) - First time user login

For the LDAP delegated auth directory I have setup the default group membership as 'jira-users' ie..

Default Group Memberships
When a user in this directory authenticates successfully for the first time, they will be automatically added to the following groups:
jira-users (remove)

When a new user logs into JIRA, they get the message "Sorry, your username and password are incorrect - please try again."

but in the Crowd's log I see messages of successful group imports
2012-05-03 09:15:32,540 http-8095-3 INFO [atlassian.crowd.directory.DelegatedAuthenticationDirectory] Imported user "xyz's membership of remote group "DD_MP" to directory "Delegated Authentication Directory".
...
....

After a manual synch on the Crowd directory from within JIRA the user is able to get in.

How do I set this up so that the first time user is able to get in successfully as jira-user?

3 answers

I got reply back from Atlassian's support saying that this is the expected behavior.

Is anyone using delegated auth? If you are, any recommendation on how to handle the above?

I would like to see the first time users being able to login to JIRA as a 'jira-users'.

thanks

i'm trying to do the same but not having any luck yet.

0 vote
Colin Goudie Community Champion Jun 25, 2012

There is a JIRA ticket open for this so VOTE it up!!

https://jira.atlassian.com/browse/JRA-26882

I got this ticket off Shihab after discussing this with him @ Summit

For a client I get around it a little bit doing it this way (By no means perfect)

Set JIRA to low sync time (1-5 minutes)

Modified Crowd so that on User Import (from one directory to another) it runs the code to add new users to the default groups

Setup 2 directories in crowd, 1 delegated and the other a normal LDAP connection that ISN'T used in any applications. You then can manually source the users into the delegated directory by doing the User Import between the 2 directories and the new users get added to the default groups.

When JIRA syncs it gets them.

Not perfect but if done as a procedure daily or whatever then the user accounts are generally ready for any new user to come along and their account is present and in the right groups.

Suggest an answer

Log in or Join to answer
Community showcase
Sarah Schuster
Posted Jan 29, 2018 in Jira

What are common themes you've seen across successful & failed Jira Software implementations?

Hey everyone! My name is Sarah Schuster, and I'm a Customer Success Manager in Atlassian specializing in Jira Software Cloud. Over the next few weeks I will be posting discussion topics (8 total) to ...

3,321 views 14 20
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you
Atlassian Team Tour

Join us on the Team Tour

We're bringing product updates and pro tips on teamwork to ten cities around the world.

Save your spot