Just a heads up: On March 24, 2025, starting at 4:30pm CDT / 19:30 UTC, the site will be undergoing scheduled maintenance for a few hours. During this time, the site might be unavailable for a short while. Thanks for your patience.

×
Create
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How can I allow project owners to add members to specific groups?

Johannes Skov F1
Johannes Skov Frandsen June 19, 2014

Is there a way in Jira
that I, as and site administrator
can give project owners or members of a specific group
the ability to add existing users to specific existing groups?

This would really make the administraion much easier for me as a site admin.

Regards Johannes

Answer
Watch
Like Be the first to like this
617 views

5 answers

1 accepted

1 vote
Answer accepted
crf
crf
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
June 20, 2014

You can't, and this seems like a very dangerous idea. Membership in a group is a global concept, so it does not make sense to let a project administrator add users to global groups that could also escalate that user's privileges in another project. It would take a lot of discipline to make certain that each group you allowed this for was only used in a certain project or group of projects with similar access requirements.

It sounds like the existing Project Roles are closer to what you want here, as this allows you to grant project-scoped access to individual users.

If that does not meet your needs, then you might want to watch https://jira.atlassian.com/browse/JRA-3156. While there are several other issues related to the concept of a "limited administrator", JRA-3156 is where we are coordinating the plan to address that general category of concerns.

View More Comments
crf
crf
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
June 20, 2014

For reference, more information on Project Roles:

https://confluence.atlassian.com/display/JIRA/Managing+Project+Roles

Like
Johannes Skov F1
Johannes Skov Frandsen June 26, 2014

Well even thougth LDAP is an option it would likely make the process even slower than it already is do to internal processes. We'll stick with the current setup for now.

Like
Reply
0 votes
Vijay Khacharia
Vijay Khacharia
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
June 20, 2014
Hi May be you can add users in project roles instead of groups. And use role based permission scheme. Project admins have permission to administer this. Here link to documentation. https://confluence.atlassian.com/plugins/servlet/mobile#ManagingProjectRoleMembership-Assigningausertoaprojectrole
Reply
0 votes
Agata Przybysze
Agata Przybyszewska
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
June 19, 2014

Well, this wouldnt work for us, as we use JIRA to control application access to a whole suite of development tools: confluence, bamboo and stash.

So we need to use groups, that are properly nested into categories of developers etc. Otherwise it will be a lot of maintenance for our project managers to have to sync lists of users across the different applications!

What we are looking for is how to empower our PM's to add/remove users from groups.

View More Comments
crf
crf
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
June 20, 2014

This suggests that what you really need to do is use LDAP to control group membership in all of these applications and manage them through the LDAP server.

JIRA is not really intended to be an LDAP administration tool. To the extent that it can write to the LDAP directory, this is a global permission because group membership is a global concept. JIRA cannot "know" that you are choosing to follow a particular convention in how you assign the global groups to individual projects.

While this certainly sounds like a good idea, for JIRA to "understand" that this is what you are doing would require explicit support for the concept, and JIRA does not currently have that.

Like
Reply
0 votes
Joe Pitt
Joe Pitt
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
June 19, 2014

I suggest you control access with Roles. Project Admins can add/delete users from roles.

Reply
0 votes
Jobin Kuruvilla [Adaptavist]
Jobin Kuruvilla [Adaptavist]
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
June 19, 2014

Not possible without additional development. Memberships can only be managed by Site Admin or outside of JIRA (external directories like AD)

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Upcoming Jira Events