We use an Active Directory with many users (1200+). They are imported into JIRA including our AD groups (nested groups are turned on).
We also have set the "Default Group Membership" to "jira-users".
The problem is that we do not want every user in the AD to log to be part of the group "jira-users". We want every user to be part of the "jira-users" up front, so everyone can assign everyone even though they have not logged in yet.
Will it work to put a "jira-users" group into out AD? (and assign an AD group "all" to that)
It seems that I can not add a AD group to a JIRA group using the nested group functionality. I get the permission denied. See https://jira.atlassian.com/browse/JRA-24671 So that is not an option even though it would have been perfect for us.
If the LDAP directory is on the top position in your "User Directories" list within JIRA, you could create a group called "jira-users" in AD and assign the users as member of this group, then in the next synchronization the LDAP users would appear as member of "jira-users" group in JIRA before they log in.
Do you have a common group user in LDAP that all user is member of it? Perhaps you can add it directly to the JIRA Users under Global Permission?
Once it sync the users should posses the ability to login immediately as we know that the local-group require first login.
Atlassian Summit is an excellent opportunity for in-person support, training, and networking.Learn more
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG