Hello together,
I wanted to ask if it´s possible to let users of Jira log in with the help of the active directory, but once in Jira, the internal directory of Jira gives the user all the permissions and rights.
Background info: we want to be independant from the IT-Team which has all users of Jira go over the active directory, and we don´t want that.
Also we have a lot of users and a lot of groups (some very small, some very large). We want to have only 4-5 groups in the future (Admins, Users, Customers etc.) Maybe this info can help understand.
Thank you! ;-)
Hello,
You can create LDAP user directory and check Read Only, with Local Groups checkbox. In this case your users will be imported from LDAP and you can assign local Jira groups to the imported users . Then you will grant permissions to the local groups.
+1. This is the setting I use for a 3000+ user instance.
AD groups for "general" access, local groups for extended access (i.e. restrictive workflow conditions, sprint management permission, bulk changes, etc.).
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Yousaf,
yes, that's possible. You have to enable your AD as a "Jira Delegated Authentication Directory" (internal with LDAP Authentication).
With such a setting, you have to add your user to Jira manually (and give them all their permission there), but the password is checked with the Active Directory.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.