Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Test get user's memberships : Failed, while connecting Jira with OpenLDAP

Edited

Hi,

I'm trying to configure JIRA with OpenLDAP user directory. But I'm facing  "Test get user's memberships : Failed" When doing the "Test Connection", I'm sharing full result when I'm test connection , I have also attached my jira server setup Screen Shot.

Output:-

Test basic connection : Succeeded

Test retrieve user : Succeeded

Test user rename is configured and tracked : Succeeded

Test get user's memberships : Failed

Test retrieve group : Not performed

Test get group members : Not performed

Test user can authenticate : Succeeded

 

01.png02.png03.jpg

3 answers

Sorry. Wrong post.

Can't find a way to delete it.

Hi, I have solved the problem, at least for my setup. The main problem for me was that I use an openldap docker image which has obviously a problem with the "memberof" method. The solution here was to use groupOfUniqueNames instead of groupOfNames for the groups like "jira-software-users", then the memberof call yields the expected results. Here my settings:

User Schema Settings

  • User Object Class: inetOrgPerson
  • User Object Filter: (objectClass=person)
  • User Name Attribute: uid
  • User Name RDN Attribute: cn
  • User First Name Attribute: givenName
  • User Last Name Attribute: sn
  • User Display Name Attribute: cn
  • User Email Attribute: mail
  • User Password Attribute: userpassword
  • User Password Encryption: SHA
  • User Unique ID Attribute: uidNumber

Group Schema Settings

  • Group Object Class: groupOfUniqueNames
  • Group Object Filter: (cn=*)
  • Group Name Attribute: cn
  • Group Description Attribute: description

Membership Schema Settings

  • Group Members Attribute: uniquemember
  • User Membership Attribute: memberof

Here as example the ldif output of my group "jira-software-users:

# LDIF Export for cn=jira-software-users,ou=Groups,dc=lingucity,dc=de
# Server: ldap.lingucity.de (ldap.lingucity.de)
# Search Scope: base
# Search Filter: (objectClass=*)
# Total Entries: 1
#
# Generated by phpLDAPadmin (http://phpldapadmin.sourceforge.net) on June 13, 2019 4:02 pm
# Version: 1.2.4

version: 1

# Entry 1: cn=jira-software-users,ou=Groups,dc=lingucity,dc=de
dn: cn=jira-software-users,ou=Groups,dc=lingucity,dc=de
cn: jira-software-users
objectclass: groupOfUniqueNames
objectclass: top
uniquemember: cn=GName1, SName1,ou=People,dc=lingucity,dc=de
uniquemember: cn=GName2, SName2,ou=People,dc=lingucity,dc=de
uniquemember: cn=GName3, SName3,ou=People,dc=lingucity,dc=de

That's good!

0 votes

Hi! 

 

Have you communicate with AD/LDAP admin? 

looks like uniqueMember incorrect, could you try memberOf ?

 

Cheers,

Gonchik Tsymzhitov

@Gonchik Tsymzhitov  ... Yes, I tried with memberOf also but same issue ... 

Like Anant Bhat likes this

@Gonchik Tsymzhitov ... that one also showing same error .. 

I have the same problem. What is the purpose of this query? What is the expected result? How do I match the fields provided by the LDAP server to the requests mentioned in the settings?

Could you share logs, please? 

In section "User Schema Settings" I have nearly the same as shown above, only two differences: "User Display Name Attribute" is set to "cn", and I have an additional line at the end "User Unique ID Attribute" which I have set to "uidNumber".

The other settings for Group Schema and Membership Schema are identical. When I start the test, I have the same screen as shown above. My openLDAP server shows the following output:

2019-06-12T12:39:51.490728857Z app[web.1]: 5d00f297 conn=1037 op=28 SRCH base="dc=lingucity,dc=de" scope=2 deref=3 filter="(&(objectClass=*)(uid=udo.hain))"
2019-06-12T12:39:51.490754193Z app[web.1]: 5d00f297 conn=1037 op=28 SRCH attr=uid mail uidNumber givenName sn cn gidNumber
2019-06-12T12:39:51.490844693Z app[web.1]: 5d00f297 conn=1037 op=28 SEARCH RESULT tag=101 err=0 nentries=1 text=
2019-06-12T12:39:51.491667549Z app[web.1]: 5d00f297 conn=1037 op=29 SRCH base="dc=lingucity,dc=de" scope=2 deref=3 filter="(&(objectClass=*)(uid=udo.hain))"
2019-06-12T12:39:51.491678896Z app[web.1]: 5d00f297 conn=1037 op=29 SRCH attr=uid mail uidNumber givenName sn cn gidNumber
2019-06-12T12:39:51.491728715Z app[web.1]: 5d00f297 conn=1037 op=29 SEARCH RESULT tag=101 err=0 nentries=1 text=
2019-06-12T12:39:51.492477068Z app[web.1]: 5d00f297 conn=1037 op=30 SRCH base="dc=lingucity,dc=de" scope=2 deref=3 filter="(&(&(?objectClass=group)(cn=*))(|(?uniqueMember=udo.hain)(gidNumber=5001)))"
2019-06-12T12:39:51.492495990Z app[web.1]: 5d00f297 conn=1037 op=30 SRCH attr=description cn uniqueMember gidNumber
2019-06-12T12:39:51.492548212Z app[web.1]: 5d00f297 conn=1037 op=30 SEARCH RESULT tag=101 err=0 nentries=0 text=
2019-06-12T12:39:51.493002890Z app[web.1]: 5d00f297 conn=1037 op=31 SRCH base="dc=lingucity,dc=de" scope=2 deref=3 filter="(&(objectClass=*)(uid=udo.hain))"
2019-06-12T12:39:51.493011650Z app[web.1]: 5d00f297 conn=1037 op=31 SRCH attr=uid mail uidNumber givenName sn cn gidNumber
2019-06-12T12:39:51.493057502Z app[web.1]: 5d00f297 conn=1037 op=31 SEARCH RESULT tag=101 err=0 nentries=1 text=
2019-06-12T12:39:51.495028906Z app[web.1]: 5d00f297 conn=1044 fd=15 ACCEPT from IP=172.17.0.1:53256 (IP=0.0.0.0:389)
2019-06-12T12:39:51.495058890Z app[web.1]: 5d00f297 conn=1044 op=0 BIND dn="cn=udo hain,dc=lingucity,dc=de" method=128
2019-06-12T12:39:51.495078013Z app[web.1]: 5d00f297 conn=1044 op=0 BIND dn="cn=Udo Hain,dc=lingucity,dc=de" mech=SIMPLE ssf=0
2019-06-12T12:39:51.495109909Z app[web.1]: 5d00f297 conn=1044 op=0 RESULT tag=97 err=0 text=
2019-06-12T12:39:51.495605608Z app[web.1]: 5d00f297 conn=1044 op=1 UNBIND
2019-06-12T12:39:51.495625473Z app[web.1]: 5d00f297 conn=1044 fd=15 closed
2019-06-12T12:39:51.547741550Z app[web.1]: 5d00f297 conn=1037 op=32 SRCH base="dc=lingucity,dc=de" scope=2 deref=3 filter="(&(objectClass=*)(uid=udo.hain))"
2019-06-12T12:39:51.547773967Z app[web.1]: 5d00f297 conn=1037 op=32 SRCH attr=uid mail uidNumber givenName sn cn gidNumber
2019-06-12T12:39:51.547781952Z app[web.1]: 5d00f297 conn=1037 op=32 SEARCH RESULT tag=101 err=0 nentries=1 text=
2019-06-12T12:39:51.548455936Z app[web.1]: 5d00f297 conn=1037 op=33 SRCH base="dc=lingucity,dc=de" scope=2 deref=3 filter="(&(&(?objectClass=group)(cn=*))(|(?uniqueMember=udo.hain)(gidNumber=5001)))"
2019-06-12T12:39:51.548471352Z app[web.1]: 5d00f297 conn=1037 op=33 SRCH attr=cn
2019-06-12T12:39:51.548489924Z app[web.1]: 5d00f297 conn=1037 op=33 SEARCH RESULT tag=101 err=0 nentries=0 text=
2019-06-12T12:39:51.560124607Z app[web.1]: 5d00f297 conn=1037 op=34 SRCH base="dc=lingucity,dc=de" scope=2 deref=3 filter="(&(objectClass=*)(uid=udo.hain))"
2019-06-12T12:39:51.560145633Z app[web.1]: 5d00f297 conn=1037 op=34 SRCH attr=uid mail uidNumber givenName sn cn gidNumber
2019-06-12T12:39:51.560192318Z app[web.1]: 5d00f297 conn=1037 op=34 SEARCH RESULT tag=101 err=0 nentries=1 text=
2019-06-12T12:39:51.562081356Z app[web.1]: 5d00f297 conn=1045 fd=15 ACCEPT from IP=172.17.0.1:53260 (IP=0.0.0.0:389)
2019-06-12T12:39:51.562185023Z app[web.1]: 5d00f297 conn=1045 op=0 BIND dn="cn=udo hain,dc=lingucity,dc=de" method=128
2019-06-12T12:39:51.562203813Z app[web.1]: 5d00f297 conn=1045 op=0 BIND dn="cn=Udo Hain,dc=lingucity,dc=de" mech=SIMPLE ssf=0
2019-06-12T12:39:51.562308727Z app[web.1]: 5d00f297 conn=1045 op=0 RESULT tag=97 err=0 text=
2019-06-12T12:39:51.562989764Z app[web.1]: 5d00f297 conn=1045 op=1 UNBIND
2019-06-12T12:39:51.563097460Z app[web.1]: 5d00f297 conn=1045 fd=15 closed

Maybe it is better that you first provide some suggestions for the settings and then we provide the logs?

Suggest an answer

Log in or Sign up to answer
TAGS

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you