As usually Active Directory is read-only for all incorporated mortals... still Jira users do need to be able to use and manage groups.
As the Jira administrators time is very limited, it's i not possible to manage these groups (inability to rename them being just agravating factor).
As an workaround I managed to trick the Active Directory to get a limited number of groups inside Jira by adding them to AD mailing list that I own. This means that by (de)subscribing mailing lists from my Meta-Jira-Groups mailing list I can add and remove AD groups one by one.
The great thing about this is that each of this groups has its own managers so the management of these groups is externalized to the real owners, falling back to IT but never to Jira admins (great!).
Now the big problem is that we still need to be able to manage same groups inside jira, while having few managed on AD.
How can we do this?
I think in your case the best option is use the Delegated Authentication Directory:
A Delegated Authentication directory combines the features of an internal Crowd directory with delegated LDAP authentication. This means that you can have your users authenticated via an external LDAP directory while managing the users and groups in Crowd.
I hope it helps.
Badges are a great way to show off community activity, whether you’re a newbie or a Champion.Learn more
Planning and grooming sessions all come with their own sets of rules. Team members meet to estimate stories or other work items, all according to an agreed-upon process. And with every session comes ...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs