We have several JIRA and Confluence instances on different servers in our department and we are looking for a single sign-on to them.
Hi @[deleted]
Crowd should fulfill all your requirements.
About pricing and licensing:
A Crowd user is defined as any user account that can authenticate against one or more applications.
So every user in crowd able to authenticate for one of your Atlassian Applications counts towards the license. See https://www.atlassian.com/software/crowd/pricing for more details.
Cheers
Niklas
Hi @[deleted],
In addition to Niklas' answer, please allow me to make a comment regarding your first requirement: "SSO using the company-wide LDAP and the sign-on every user has initially made to the windows domain".
Out of the box Crowd provides Web SSO but it does not provide Windows SSO. This means that you will need to authenticate on a first Atlassian application (e.g. Jira) with your LDAP username and password before you can navigate to other Atlassian applications (e.g. Confluence) without reauthenticating.
If you want your users to be automatically authenticated in your Atlassian applications right after they logged onto your Windows domain you will need a Kerberos add-on.
You might want to take a look at the Integrated Windows Authentication for Applications using Crowd (IWAAC) add-on: https://marketplace.atlassian.com/plugins/com.cleito.iwaac/server/overview
It does exactly what you want in addition to Crowd's native features.
(Disclaimer: I work for the vendor of the IWAAC plugin)
Please note that there are other Kerberos add-ons available on Atlassian Marketplace: https://marketplace.atlassian.com/search?query=kerberos
Hope this helps.
Bruno
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Bruno Vincent Thanks for adding this @Bruno Vincent. I did not take in account that LDAP SSO could be required.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.