Hi
I need to configure JIRA to connect to Microsoft AD, check user login & password and let them login or show some ugly red warning. Nothing else. Right now, when somebody reconfigures JIRA LDAP connection and makes mistake JIRA synchronizes with ad and wipes all users (except for those few local ones) and when admin writes correct configuration users are restored but without groups.
I suppose that there are 2 solutions:
1) users, groups etc. are stored in LDAP
2) (preffered) groups are stored in JIRA; JIRA connects to LDAP when a user tries to log in and checks their password; if there is anything bad with ldap, JIRA _cannot_ wipe user table.
My jira is 5.2.8.
Regards
Marek
Hi Marek,
You can try using a delegated directory (Internal with LDAP authentication).
This will sync users only when they log into the application and should not clear up everyone if anyone messes the configuration.
Hope it helps.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Delegated LDAP Authentication can work but in this case the users will be internal to JIRA. There is an option to copy users on first login but the user has to login before it appears inside JIRA.
Another option is to configure the directory as you have done but with "Read Only, with Local Groups" option. In this case, you can add local groups and use those groups in permissions.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Just don't give admin permission to AD user which will jira use to retrieve LDAP users... In such case Jira will not be able to wipe LDAP...
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.