As usually Active Directory is read-only for all incorporated mortals... still Jira users do need to be able to use and manage groups.
As the Jira administrators time is very limited, it's i not possible to manage these groups (inability to rename them being just agravating factor).
As an workaround I managed to trick the Active Directory to get a limited number of groups inside Jira by adding them to AD mailing list that I own. This means that by (de)subscribing mailing lists from my Meta-Jira-Groups mailing list I can add and remove AD groups one by one.
The great thing about this is that each of this groups has its own managers so the management of these groups is externalized to the real owners, falling back to IT but never to Jira admins (great!).
Now the big problem is that we still need to be able to manage same groups inside jira, while having few managed on AD.
How can we do this?
I think in your case the best option is use the Delegated Authentication Directory:
A Delegated Authentication directory combines the features of an internal Crowd directory with delegated LDAP authentication. This means that you can have your users authenticated via an external LDAP directory while managing the users and groups in Crowd.
I hope it helps.
As a Belgian, beer-lover and home brewer, beer is one of my great passions. I love the fact that with just a few ingredients (usually just water, hop and malt) you can create so many different tastes...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs
We're bringing product updates and pro tips on teamwork to ten cities around the world.Save your spot