This question is in reference to Atlassian Documentation: Administering JIRA Software
I am am setting up a new instance of JIRA we would like to add AD (LDAP) directory as well as the internal. I have it working however it is pulling everyone from our AD I only want it to pull users that are int he group jira-users.
Base DN:
DC=WINDOM, DC=OUTREACH,DC=PSU, DC=EDU
The Security Group called jira-users is in the following location
CN=jira-users,OU=JIRA,OU=OTS Servies,DC=WINDOM,DC=OUTREACH,DC=PSU,DC=EDU
I put the following under User Schema Settings
User Object Filter
(memberOf=CN=jira-users,OU=JIRA,OU=OTS Servies,DC=WINDOM,DC=OUTREACH,DC=PSU,DC=EDU)
If I put the user group in the base DN then it works.
Great. Glad you got it working.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I just don't understand why it has to be that way, but its working.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I think this may be what you need to do
https://confluence.atlassian.com/display/CROWD/Restricting+LDAP+Scope+for+User+and+Group+Search
Chris
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I looked at that and made changes to my
User Object Filter
(&(objectCategory=Person)(sAMAccountName=*)(memberOf=CN=jira-users,OU=JIRA,OU=OTS Servies,DC=WINDOM,DC=OUTREACH,DC=PSU,DC=EDU)))
Now I get an error:
Test retrieve user : Failed
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
It looks like you've one too many closing parentheses at the end - try this.
(&(objectCategory=Person)(sAMAccountName=*)(memberOf=CN=jira-users,OU=JIRA,OU=OTS Servies,DC=WINDOM,DC=OUTREACH,DC=PSU,DC=EDU))
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Now I get
Test retrieve user : Failed
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.