Don't ask why, but our internal LDAP is set up to support 3 common name (cn) values. My account, for example, uses chapmar, roy.chapman@ubs.com and 43414247. All 3 are valid logins and all authenticate against the same password.
We would like to standardise against the login id, chapmar in the above example. The manual page for LDAP https://confluence.atlassian.com/display/USERMAN/_LDAP+User+Schema+Settings suggests this setting:
User Unique ID Attribute
The attribute used as a unique immutable identifier for user objects. This is used to track username changes and is optional. If this attribute is not set (or is set to an invalid value), user renames will not be detected — they will be interpreted as a user deletion then a new user addition.
This should normally point to a UUID value. Standards-compliant LDAP servers will implement this as 'entryUUID' according to RFC 4530. This setting exists because it is known under different names on some servers, e.g. 'objectGUID' in Microsoft Active Directory.
Would this help, do you think? Could we set up LDAP so the user can log in as any one of the 3 above but all would be treated as the login id? Do you have any example of the usage of this field?
Hey Roy,
Maybe you can experiment with the User Object Filter. The default filter is
(&(objectCategory=Person)(sAMAccountName=*))
But, you can also have AND and OR conditions in it. There are some examples here
http://www.google.com/support/enterprise/static/postini/docs/admin/en/dss_admin/prep_ldap.html
and
https://confluence.atlassian.com/display/DEV/How+to+Write+LDAP+Search+Filters
I have not experimented with this, but it is something for you to look at.
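The lookup discussed in this thread, as an added example that is not part of either post and not Atlassian's code: one equality test on the multi-valued cn matches any of the three logins, the entry's sAMAccountName is then used as the single id, and the typed value is escaped per RFC 4515 before it goes into the filter. Assumptions: sAMAccountName holds the login id, the second directory entry and all function names are made up for illustration, and a small in-memory evaluator stands in for the directory server.

```python
import re

# Constructed sample directory; the first entry mirrors the question's three cn values.
# Assumption: sAMAccountName carries the login id to standardise on.
DIRECTORY = [
    {"objectCategory": ["Person"], "sAMAccountName": ["chapmar"],
     "cn": ["chapmar", "roy.chapman@ubs.com", "43414247"]},
    {"objectCategory": ["Person"], "sAMAccountName": ["doej"],
     "cn": ["doej", "jane.doe@example.com", "10000001"]},
]

def escape_filter_value(value):
    """Escape RFC 4515 special characters so typed input stays a literal."""
    return re.sub(r'[\\*()\x00]', lambda m: "\\%02x" % ord(m.group()), value)

def alias_filter(login):
    """The default user filter from the reply, narrowed to one cn value."""
    return ("(&(objectCategory=Person)(sAMAccountName=*)(cn=%s))"
            % escape_filter_value(login))

def matches(entry, flt):
    """Evaluate &, |, equality and presence (a small subset of RFC 4515)."""
    def parse(i):
        if flt[i + 1] in "&|":
            op, i, results = flt[i + 1], i + 2, []
            while flt[i] == "(":
                ok, i = parse(i)
                results.append(ok)
            return (all(results) if op == "&" else any(results)), i + 1
        end = flt.index(")", i)
        attr, _, value = flt[i + 1:end].partition("=")
        have = [v.lower() for v in entry.get(attr, [])]
        if value == "*":                      # presence test, e.g. (sAMAccountName=*)
            return bool(have), end + 1
        literal = re.sub(r'\\([0-9a-fA-F]{2})',
                         lambda m: chr(int(m.group(1), 16)), value)
        return literal.lower() in have, end + 1
    return parse(0)[0]

def canonical_login(login, directory=DIRECTORY):
    """Map any alias to the one login id; None unless exactly one entry matches."""
    hits = [e for e in directory if matches(e, alias_filter(login))]
    return hits[0]["sAMAccountName"][0] if len(hits) == 1 else None

if __name__ == "__main__":
    for typed in ("chapmar", "roy.chapman@ubs.com", "43414247", "*"):
        print(typed, "->", canonical_login(typed))
```

Because the typed value is escaped, a login of `*` is compared as a literal asterisk rather than acting as a presence test, so it resolves to no account.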