How to Load users using Crowd LDAP?

Young__Hahn May 26, 2015

I am currently using CROWD for LDAP and having problem loading the users.

 

I guess I will have to explain my problem first..

Our company LDAP contains over 10,000 accounts and over 100 groups.. and in that LDAP, we have a AD group that contains 50 accounts. 

 

On Crowd setting up the LDAP, I set Base DN as where ALL accounts are in there.. which is over 10,000 accounts.

and on configuration page, I leave User DN blank, and set the Group DN as the location of the Group which should contains 50 accounts.. 

 

When I update this, it loads ALL the accounts in LDAP and just that specific group. 

 

When I set Base DN as the location of the Group that I want to use, and leave everything blank, it loads JUST THAT GROUP but not the accounts... 

 

I am guessing it is because account belongs to different AD or different location than the Group... 

 

How can I just load the Group that I want to use, and the accounts in that Group only? 

1 answer

1 accepted

1 vote
Answer accepted
Daniel Santos
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 26, 2015

Hi,

The users and groups in LDAP are separated objects.
The Base DN is the root location for JIRA to search in the AD.
When you leave the User DN blank you tell JIRA to search all users from that Base DN root, if your search pattern is default.

When you specify the Base DN to the specific group path is expected to get only that group. Since the user search will be done over that specific path that probably does not contain any user object.

I believe you need the first configuration that get all the users and the specific group and change the users filter to something like this:
(&(objectCategory=Person)(sAMAccountName=*)(memberOf=CN=foo group,DC=example,DC=com))

This will filter all users that are member of foo group.

Cheers,
Daniel P santos

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events