LDAP Groups in ictime

I cannot add my Active Directory groups on the ictime permissions page. They are however displayed in the popup window after clicking on 'select groups'.

It only saves the groups of the JIRA internal directory.

Is this functionality not available for LDAP?

Update: I was able to configure the groups by editing the AO_9B23C2_GROUP_PERMISSION table in the jira db.

7 answers

1 accepted

Koen,

Okay, so no LDAP problem, but a bug in whitespace handling for group names. Have filed an issue (https://interconcept.atlassian.net/browse/ICTIME-293) and this will be fixed with the next release (3.1). We have no release data yet but I assume that we will have this release ready until end of November (should another bugfix release be required in the meantime, the fix would be made available before).

Best regards

Tobias

Hi Koen,

Version 3.0.8 that already should fix the issue has been released today.

Best regards

Tobias

LDAP Online Training

Click Here For Enquiry

Introduction

LDAP - Overview

  • A brief History of LDAP
  • LDAP Overview
  • LDAP vs. Database
  • LDAP Usage Summary
  • LDAP Data (Object) Model
  • Object Tree Structure
  • Attributes
  • Object Classes
  • Describing the Tree and Adding Data
  • Navigating the Tree (DNs and RDNs)
  • LDAP Replication and Referrals
  • Referrals
  • Replication

LDAP Schemas, Object Classes and Attributes

  • LDAP Stuff Overview
  • Schemas
  • Object Classes
  • Attributes
  • Matching Rules
  • LDAP Operational Attributes and Objects

Get Something Running

  • LDAP Installation
  • LDAP Installation
  • Open LDAP on UNIX and Windows
  • Apache DS on UNIX and Windows

Open LDAP Sample Configurations

  • Simple Directory
  • Designing the DIT
  • Select the STRUCTURAL object Class
  • Slapd.conf File
  • LDIF File
  • Loading the LDIF
  • Adding New Entries using LDIF
  • Modifying Entries using LDIF
  • Just Fooling Around
  • Securing the Directory
  • Security Policy
  • Adding Groups
  • ACL slapd.conf Access Definitions
  • Testing the ACL

Expanded Hierarchy

  • Requirement
  • Implementation
  • LDIF
  • ACL slapd.conf Access Definitions
  • Testing the ACL
  • Creating & Adding Objects
  • Requirement
  • Implementation
  • Attribute Definitions
  • Object Class & Schema Definition
  • ACL slapd.conf Access Definitions
  • LDIF
  • Testing the Changes
  • Single Sign On
  • Referral and Replication

Configuration Files

  • Slapd.conf Overview
  • Using OLC (cn=config)

OLC (cn=config) Overview

  • Converting from slapd.conf to OLC (cn=config)
  • OLC (cn=config) Layout
  • Using OLC (cn=config) (Read, Modify)
  • OLC (cn=config) General Notes
  • Add/Delete Schemas using OLC (cn=config)
  • Add/Delete ACPs/ACLs using OLC (cn=config)
  • Add/Delete Modules using OLC (cn=config)
  • Add/Delete Databases using OLC (cn=config)
  • List of Directives (OLC (cn=config) and slapd.conf)
  • Global Section Directives (OLC (cn=config) and slapd.conf)
  • TLS Directives (OLC (cn=config) and slapd.conf)
  • Backend Section Directives (OLC (cn=config) and slapd.conf)
  • Database Section Directives (OLC (cn=config) and slapd.conf)
  • Overlay Directives (OLC (cn=config) and slapd.conf)
  • ldap.conf Directives
  • Apache DS Configuration

Replication and Referrals

  • Replication and Referral Overview
  • Replication
  • Open LDAP Replication
  • Open LDAP slurpd Style Replication
  • Open LDAP slurpd Replication Errors
  • Open LDAP sysncrepl Style Replication
  • Open LDAP sysncrepl Refresh Only
  • Open LDAP sysncrepl Refresh and Persist
  • Open LDAP sysncrepl Multi-Master
  • Open LDAP sysncrepl Access Logs and Delta-sync
  • ApacheDS Replication
  • Synching DIT before surpd Replication
  • Synching DIT before syncrepl Replication
  • Referrals
  • Referral Chaining

Reference

LDIF and DSML

  • LDIF Overview
  • LDIF Format & Directives
  • LDIF File Format
  • LDIF Terminology and Line Types
  • LDIF Sample
  • LDIF Directives
  • add Directive
  • attribute name Directives
  • change type Directives
  • control Directives
  • delete Directives
  • delete oldrdn Directives
  • dn Directives
  • newrdn Directives
  • newsuperior Directives
  • objectclass Directives
  • Replaces Directives
  • Version Directives
  • LDIF Handling Binary (including Passwords)
  • LDIF Importing Files
  • LDIF Samples
  • DSML

LDAP Functional Model

  • LDAP URL

LDAP API

Open LDAP Operations

  • Open LDAP How Tos
  • Configuring Multiple DITs in Open LDAP
  • Configuring Referrals in Open LDAP
  • Configuring Referral chaining in Open LDAP
  • Configuring slurpd style replication in Open LDAP
  • Configuring syncrepl style replication in Open LDAP
  • Configuring delta synchronization (syncrepl) in Open LDAP
  • Configuring and using cn=config in Open LDAP
  • Notes about running/initializing Open LDAP
  • Notes about overlays in Open LDAP (or when is an overlay an overlay)
  • Open LDAP converting to OLC (cn=config)
  • Using OLC (cn=config)
  • Configuring Groups of Users in Open LDAP

Open LDAP Trouble Shooting & Errors

Open LDAP Performance

LDAP Tools

  • Open LDAP Tools
  • ldapadd - add LDIF entries to an LDAP directory
  • ldapauth - add LDIF entries to an LDAP directory
  • ldapdelete - delete LDAP entries
  • ldapmodify - modify existing LDAP entries
  • ldapmodrdn - modify an LDAP entry's DN
  • ldappasswd - modify an entry's password
  • ldapsearch - search LDAP entries
  • ldapwhoami - perform an LDAP Who Am I operation of a server
  • slapacl - verify access to attributes by inspecting the configuration of a DIT
  • slapadd - add LDAP entries to a database - STOP SLAPD FIRST
  • slapauth - verify SASL data against a DIT
  • slapcat - export an LDIF from an LDAP database - STOP SLAPD FIRST
  • slapdn - verify a DN against a DIT configuration
  • Slapindex - re-index an LDAP database - STOP SLAPD FIRST
  • Slappasswd - generate password
  • Slaptest - verify a slapd.conf file or a cn=config directory (slapd.d)

LDAP Browsers

  • LDAP Browser/Editor - some notes on usage

Apache DS Tools

  • Apache DS Tools - tools and Utilities

LDAP Security

  • Open LDAP Security Overview
  • Open LDAP TLS/SSL Configured
  • http://www.21cssindia.com/courses/ldap-online-training-103.html

Hi,

We have tested that internally with LDAP (not AD) and could not reproduce problems in the interface, LDAP groups were properly displayed and saved. Can you provide more information, do you get an error message, is there anything visible in the logs? Which database, JIRA version and ictime version are you using?

Best regards

Tobias

Dear Tobias,

There is no visual error message. The page just refreshes without adding the group.

I can't find any errors in the log-files.

I am using Windows 2008 R2, SQL Server 2008 R2, JIRA 6.1.1, ICTime 3.0.6

Best Regards,

Koen

Hi Koen,

There are two use cases where the interface just refreshes, but does not add the group after hitting "Add" (without an error message): 1. Group (name) does not exist or 2. Group had already been assigned.

Did you try to just type the group name in the box and then clicking "Add" instead of using the group selector popup before?

We will do a bugfix release probably this week and will add some logging to the permissions page so that if a group can't be found or already had been assigned, there will be a warning in the log. That might help to better understand the problem.

Best regards

Tobias

Hi Koen,

We have released v. 3.0.7 today. You might want to try with this one and then - if the problem is still present - have a look at the logs. There should now be a warning if the group could not be matched or is already existing. If there is still no entry in the logs, the problem must be found in a completely different place...

Best regards

Tobias

Tobias,

This appeared in the logs:

/secure/ICTimeSecurity.jspa [ictime.actions.security.ViewSecurity] Could not find group with name:JIRAUsers

The group name contains a space: "JIRA Users".

I guess that is the source of the error.

Best Regards,

Koen

Suggest an answer

Log in or Sign up to answer
How to earn badges on the Atlassian Community

How to earn badges on the Atlassian Community

Badges are a great way to show off community activity, whether you’re a newbie or a Champion.

Learn more
Community showcase
Published May 30, 2018 in Marketplace Apps

Three tips for boosting your board's efficiency with Story Maps

Trello is one of the most effective tools for driving your sprints. It's customizable for every Agile team and product owners and Scrum masters (SM) love it. However, Agile teams often struggle with:...

828 views 2 9
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you