Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Deleted user
0 / 0 points
Next:
badges earned

Your Points Tracker
Challenges
Leaderboard
  • Global
  • Feed

Badge for your thoughts?

You're enrolled in our new beta rewards program. Join our group to get the inside scoop and share your feedback.

Join group
Recognition
Give the gift of kudos
You have 0 kudos available to give
Who do you want to recognize?
Why do you want to recognize them?
Kudos
Great job appreciating your peers!
Check back soon to give more kudos.

Past Kudos Given
No kudos given
You haven't given any kudos yet. Share the love above and you'll see it here.

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

LDAP-Setup, Specify multiple OU's in "Additional User DN"

Hello,

I have setup an user directory to synchronize with our Active Directory like this:

Base DN: dc=domain,dc=name

Additional User DN: ou=Employees

Additional Group DN: ou=Groups,ou=are,ou=here

Furthermore I have used "User Object Filter" and "User Object Filter" to only add users and groups that are member of a certain group in AD.

 

Now we also want to include some users found under ou=consultants,dc=domain,dc=name, but because our AD has a huge number of users with thousands of users (mostly school pupils) we don't want to just remove ou=Employees from "Additional User DN" and sync the entire tree. Can you use LDAP filter-syntax in "Additional User DN" or do you have any other way to specify more than one path?

If not, are there any other good ways of accomplishing what we want without modifying our ad structure or syncing the entire tree?

3 answers

Hello Trond,

You could also add multiple user directories pointing to different parts of your Active Directory.

 

Lars. Kantega Single Sign-on

good point! didn't think of that

No problem!

That`s why we have the community, right? :)

-Lars

Hello Lars Olav Velle,

If I understood your suggestion correctly, we need to add multiple user directories on Jira to get different sets of users from multiple OU paths of AD, for example, one User-Directory for "OU=EMPLOYEES,OU=Location_1,OU=Domain,OU=Local" and a second User-Directory for "OU=EMPLOYEES,OU=Location_2,OU=Domain,OU=Local". Please confirm.

 

Is it possible to specify all required AD-OU-paths in a single User-Directory? If so, please help me with the syntax for specifying multiple AD paths, either in the LDAPFilter or in the Additional User DN settings.

Thanks.

Regards,

Shyam

Like Marcelo Mella likes this

Hello Shyam

Did you manage to configure just a single directory?

Is it possible to have different user directories setup to look at different OUs?

Yes Ryan, it is possible

I'm interested in the solution for one single directory.

Anyone make it work for AD?

Yes. We have it setup for AD right now for a single OU. But we have are groups located in a separate OU from our users so I'm looking to setup a second directory for groups.

Ryan

You can add the same AD configuration with different OUs. This works fine.

The problem is you can't share user groups or implement SSO.

What i need is one single directory connection to AD, with multiple OUs inside

The root cause of syncing the entire tree was actually something completely different. Turning off "follow referals" under advanced settings solved the underlying problem

Yes, that should never have been the default setting!

-Lars

In case of additional DN if both the OU(s) are in parallel then it will not work on the same directory. You need to create a new directory for that. But if it's inside the base OU then it will work. Like below - 

BaseDN - OU=Users,OU=Sites,OU=Domain,OU=com

Addional DN - OU=Atlassian_Users

Suggest an answer

Log in or Sign up to answer
TAGS

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you