LDAP Directory - Synchronize group memberships with Confluence (posixAccount, posixGroup)

I am struggling to integrate LDAP with confluence.

I am using the following main configuration:

  • OpenLDAP
  • LDAP Permissions: Read/Write
  • Groups: posixAccount + posixGroup

The problem I'm facing is that the users and groups are transfered without a problem, but the memberships are not set.

I managed to get it to work with groupOfNames as the group scheme. The only case it works is if a group membership is defined inside the user (memberOf attribute) and the setting "Use the User Membership Attribute" is set. If either of these is not set there is no user-group assignment.

As posix is more widely supported (especially by LDAP user managers like LAM or Webmin) I would like to use it as my LDAP scheme and would prefer not to add attributes manually (would not be supported by user managers). Also this scheme is just using the username as an identifier (memberUid: username instead of members: uid=username,ou=People,dc=domain,dc=domain)

So my questions are:

Is there a possiblity to syncronize group memberships with the posixGroup scheme?

Is it sufficent if the members of a group are just set in the group entry (memberUid)?

Is it sufficent if a user is just defined by their uid and not by there complete DN?

1 answer

0 votes
David Chan Atlassian Team Nov 21, 2011

Hey JFR,

1. When configuring LDAP, there is also a LDAP directory type labeled 'OpenLDAP Using Posix Schema'. Try using that instead of the usual 'OpenLDAP'. The problem, however, is that Confluence's Posix integration is Read-Only. This means that you will not be able to manage users/groups within Confluence, everything has to be done within OpenLDAP.

2. You can define the membership attributes if you expand the 'Membership Schema' section within the directory configuration. You should be able to set the membership attribute to (memberUid) .

3. When integrating LDAP, Confluence needs a base DN for users. Once defined, all user searches will only be within that set DN. You can then further define the users under the advance section labeled 'User Schema Settings'

Checkout this document:


Suggest an answer

Log in or Sign up to answer
Community showcase
Posted yesterday in United States

From Atlassian: Confluence Security Advisory - 2019-03-20

Atlassian released a security advisory on 3/20/2019.  The full advisory is here:  https://confluence.atlassian.com/doc/confluence-security-advisory-2019-03-20-966660264.html In a nutshe...

13 views 0 1
View post

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you