LDAP Read/Write Permissions

Chad Corkrum September 12, 2019

I’m trying to find a document that lists the needed permissions of the Bind account in AD. So far I haven’t found anything. Hoping someone can point me in the right direction.

I want to use the password reset functionality to allow AD users self-service password resets and it looks to work when I use the domain admin as a bind account for testing but that isn’t ideal.

Thanks

1 answer

0 votes
Andy Heinzer
Atlassian Team
September 17, 2019

Hi Chad,

I see that you are looking for more information about what permissions are needed for the Active Directory account that Jira can use to connect to a user directory. We do have some information about this in the documentation on Connecting to an LDAP directory.

By default, all users can read the uSNChanged attribute; however, only administrators or users with relevant permissions can access the Deleted Objects container. The specific privileges required by the user to connect to LDAP are "Bind" and "Read" (user info, group info, group membership, update sequence number, deleted objects), which the user can obtain by being a member of the Active Directory's built-in administrators group.

We know that an administrator of that AD will have the needed permissions. However, if the user account is not in this administrators group, those listed permissions would still need to be granted to that user for Jira to be able to properly use this account.

I hope this helps.

Andy
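The answer above lists the rights the bind account needs (Bind, Read on user info, group info, group membership, uSNChanged, and the Deleted Objects container) but not how to grant them to something other than a Domain Admin, or how to confirm that the grant worked. The following PowerShell is an added example, not from the original post, the Atlassian answer, or the Jira documentation. It grants the one right a plain account lacks by default (read access to the Deleted Objects container) and then binds as that account and performs the same reads Jira would, so you can prove the account works before taking the Domain Admin credentials out of the directory configuration. The domain DC=corp,DC=example, the account CORP\svc-jira-ldap and the domain controller dc01.corp.example are assumptions for illustration; replace them with your own.

```powershell
# Added example (not from the original post, the answer, or Atlassian docs).
# Assumed names: domain CORP / DC=corp,DC=example, bind account CORP\svc-jira-ldap,
# domain controller dc01.corp.example. Run as a Domain Admin on a domain-joined
# host with RSAT (dsacls.exe) and Windows PowerShell.

$domainDn  = 'DC=corp,DC=example'
$svcSam    = 'svc-jira-ldap'
$svcNtName = "CORP\$svcSam"
$dcHost    = 'dc01.corp.example'

# 1. Bind + Read of user info, group info, group membership and uSNChanged:
#    Authenticated Users have these by default, so an ordinary, non-privileged
#    account needs no extra grant for them.

# 2. The Deleted Objects container is the one thing a non-admin cannot read.
#    Ownership must be taken before its ACL can be edited; then grant only
#    LC (List Contents) and RP (Read Property) to the service account.
$deletedDn = "CN=Deleted Objects,$domainDn"
dsacls $deletedDn /takeownership | Out-Null
dsacls $deletedDn /G "${svcNtName}:LCRP"

# 3. Verify over LDAP, authenticating as the service account, that every
#    read the answer lists actually succeeds.
Add-Type -AssemblyName System.DirectoryServices.Protocols

function Test-JiraBindAccount {
    param(
        [string]$Server,
        [pscredential]$Credential,
        [string]$BaseDn
    )

    $ldap = New-Object System.DirectoryServices.Protocols.LdapConnection($Server)
    $ldap.SessionOptions.ProtocolVersion = 3
    $ldap.AuthType   = [System.DirectoryServices.Protocols.AuthType]::Negotiate
    $ldap.Credential = $Credential.GetNetworkCredential()
    $ldap.Bind()   # throws LdapException if the password is wrong or the account is disabled

    # Read user info, group membership and the update sequence number.
    $attrs = 'sAMAccountName', 'memberOf', 'uSNChanged'
    $req = New-Object System.DirectoryServices.Protocols.SearchRequest(
        $BaseDn, '(&(objectCategory=person)(objectClass=user))',
        [System.DirectoryServices.Protocols.SearchScope]::Subtree, $attrs)
    $req.SizeLimit = 5
    $resp   = $ldap.SendRequest($req)
    $readOk = ($resp.Entries.Count -gt 0) -and $resp.Entries[0].Attributes.Contains('uSNChanged')

    # Read tombstones: search the Deleted Objects container with the
    # Show Deleted Objects control (OID 1.2.840.113556.1.4.417). Without the
    # control, or without LC/RP on the container, AD answers NoSuchObject.
    $delReq = New-Object System.DirectoryServices.Protocols.SearchRequest(
        "CN=Deleted Objects,$BaseDn", '(isDeleted=TRUE)',
        [System.DirectoryServices.Protocols.SearchScope]::OneLevel,
        @('objectGUID', 'whenChanged'))
    $delReq.Controls.Add((New-Object System.DirectoryServices.Protocols.ShowDeletedControl)) | Out-Null
    try {
        $delResp   = $ldap.SendRequest($delReq)
        $deletedOk = $delResp.ResultCode -eq [System.DirectoryServices.Protocols.ResultCode]::Success
    } catch [System.DirectoryServices.Protocols.DirectoryOperationException] {
        # NoSuchObject or InsufficientAccessRights here means the dsacls grant is missing.
        $deletedOk = $false
    }
    $ldap.Dispose()

    [pscustomobject]@{
        BindOk           = $true
        ReadOk           = $readOk
        DeletedObjectsOk = $deletedOk
    }
}

$cred = Get-Credential -UserName $svcNtName -Message 'Password for the Jira bind account'
Test-JiraBindAccount -Server $dcHost -Credential $cred -BaseDn $domainDn
```

All three fields should come back True; a False in DeletedObjectsOk is the usual symptom of skipping the dsacls step, since without rights on that container the directory reports the object as nonexistent rather than as access denied. Note that this covers only the read-side rights the answer lists, which is what directory synchronisation needs; the self-service password reset mentioned in the question additionally requires the account to be allowed to reset user passwords, which is a write right that neither the answer nor this example grants.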
