I would like to use LDAP for authentication only in our JIRA instance. In other words, I would like to create my user accounts and manage group ownership in JIRA, but I would like to match the JIRA user account to an AD user so that it authenticates using the same username and password from the active directory server. Is this possible?
Yes this is possible and is currently what I do in my current instance. Make sure you add Microsoft Active Directory and it will give you the option on setup if you would like JIRA to be read only to LDAP. Don't select that and you will be able to add the users into JIRA and make sure their username and email match what is in LDAP.
"Read-only, with local groups" option? "Read / Write" is the other option but this will write back to LDAP so I guess not that one. When I did this in the past (admittedly in V5 of Jira, we're 6.4.3 now), it ended up pulling the whole user base in AD into Jira, which I don't want as this is hundreds of thousands of users. I cannot easily filter the AD DN in anyway because the users have no common association. I want to just create the user myself and have it link to their AD account.
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG