It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

LDAP-Setup, Specify multiple OU's in "Additional User DN"

Hello,

I have setup an user directory to synchronize with our Active Directory like this:

Base DN: dc=domain,dc=name

Additional User DN: ou=Employees

Additional Group DN: ou=Groups,ou=are,ou=here

Furthermore I have used "User Object Filter" and "User Object Filter" to only add users and groups that are member of a certain group in AD.

 

Now we also want to include some users found under ou=consultants,dc=domain,dc=name, but because our AD has a huge number of users with thousands of users (mostly school pupils) we don't want to just remove ou=Employees from "Additional User DN" and sync the entire tree. Can you use LDAP filter-syntax in "Additional User DN" or do you have any other way to specify more than one path?

If not, are there any other good ways of accomplishing what we want without modifying our ad structure or syncing the entire tree?

2 answers

Hello Trond,

You could also add multiple user directories pointing to different parts of your Active Directory.

 

Lars. Kantega Single Sign-on

good point! didn't think of that

No problem!

That`s why we have the community, right? :)

-Lars

Hello Lars Olav Velle,

If I understood your suggestion correctly, we need to add multiple user directories on Jira to get different sets of users from multiple OU paths of AD, for example, one User-Directory for "OU=EMPLOYEES,OU=Location_1,OU=Domain,OU=Local" and a second User-Directory for "OU=EMPLOYEES,OU=Location_2,OU=Domain,OU=Local". Please confirm.

 

Is it possible to specify all required AD-OU-paths in a single User-Directory? If so, please help me with the syntax for specifying multiple AD paths, either in the LDAPFilter or in the Additional User DN settings.

Thanks.

Regards,

Shyam

Like Marcelo Mella likes this

Hello Shyam

Did you manage to configure just a single directory?

The root cause of syncing the entire tree was actually something completely different. Turning off "follow referals" under advanced settings solved the underlying problem

Yes, that should never have been the default setting!

-Lars

Suggest an answer

Log in or Sign up to answer
Community showcase
Posted in Jira

Demo Den Ep. 7: New Jira Cloud Reports

Learn how to use two new reports for next-gen projects in Jira Cloud:  Cumulative flow diagram and Sprint burndown chart. Ivan Teong, Product Manager, Jira Software, demos the Cumulative ...

334 views 1 3
Join discussion

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you