Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Confluence user management best practice: JIRA+LDAP or just LDAP?

Mike
Mike May 21, 2014

We've got JIRA 6.1 running with authentication delegated to LDAP, read only. We'd now like to add the latest Confluence version to the mix and it seems there are a couple options:

  1. Delegate Confluence user management to LDAP read only, with the same config we're using in JIRA
    • This was the only option on older versions of Confluence/JIRA as discussed in the docs
    • Since LDAP integration is read only, it may be simper to do it this way and avoid un extra service call everytime a user is authenticated (Confluence -> LDAP rather than Confluence -> JIRA -> LDAP)
  2. Delegate Confluence user management to JIRA, which is delegating user management to LDAP
    • This seems to be possible on newer versions, as this diagram shows
    • This would eliminate the need to configure LDAP twice

Is there a best practice for this? Are their additional strengths/weaknesses of each option?

Answer
Watch
Like Be the first to like this
566 views

2 answers

1 accepted

1 vote
Answer accepted
Bruna Griebeler
Bruna Griebeler
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 22, 2014

Hello Mike.

I Agree with Tiago, the first option is a better practice because it will maintain LDAP as the User Manager, centralising it.
The only strengths by using Jira for user management is if don't have an LDAP.
Another option that could be good now that you have Confluence and Jira, is to add Crowd in case you want to enable SSO (Single Sign On).
In that case, when you have LDAP, Crowd, Jira and Confluence (because of SSO), then we recommend to set LDAP -> Crowd and then Crowd -> Jira and Crowd -> Confluence.


About Crowd: https://www.atlassian.com/software/crowd/overview


About SSO: https://confluence.atlassian.com/display/CROWD/Overview+of+SSO<br< a="">>
Cheers!

Reply
1 vote
Tiago Comasseto
Tiago Comasseto
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 21, 2014

Hi Mike, I'd suggest opition 1. It may be a bit more complicated, but it would avoid an extra cache that is not necessary.

Cheers

Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.