Just a heads up: On March 24, 2025, starting at 4:30pm CDT / 19:30 UTC, the site will be undergoing scheduled maintenance for a few hours. During this time, the site might be unavailable for a short while. Thanks for your patience.

×
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Problem integrating Jira and LDAP

Mezzanotte
Mezzanotte December 25, 2011

Hello everyone,

I've setup Jira to use LDAP (Open LDAP, read-only). When I synchronized, the groups and users are correctly found. But the association between users and groups was not found.

The Group Schema Settings is configured as a PosixGroup. I guess I'm not setting the correct values for the Membership Schema Settings:

My Group Schema Settings:

<label style="float: left; display: block; left: -240px; line-height: 1; margin-right: -230px; padding-top: 4px; position: relative; width: 230px; text-align: right; word-wrap: break-word;" for="configure-ldap-form-ldapGroupObjectclass">Group Object Class:required</label><input id="configure-ldap-form-ldapGroupObjectclass" class="text " style="margin-top: 0px; margin-right: 5px; margin-bottom: 0px; margin-left: 0px; width: 250px; color: #000000; padding: 2px;" type="text" name="ldapGroupObjectclass" value="posixGroup"/>
LDAP attribute objectClass value to search for when loading groups.
<label style="float: left; display: block; left: -240px; line-height: 1; margin-right: -230px; padding-top: 4px; position: relative; width: 230px; text-align: right; word-wrap: break-word;" for="configure-ldap-form-ldapGroupFilter">Group Object Filter:required</label><input id="configure-ldap-form-ldapGroupFilter" class="text " style="margin-top: 0px; margin-right: 5px; margin-bottom: 0px; margin-left: 0px; width: 250px; color: #000000; padding: 2px;" type="text" name="ldapGroupFilter" value="(objectclass=posixGroup)"/>
The filter to use when searching group objects.
<label style="float: left; display: block; left: -240px; line-height: 1; margin-right: -230px; padding-top: 4px; position: relative; width: 230px; text-align: right; word-wrap: break-word;" for="configure-ldap-form-ldapGroupName">Group Name Attribute:required</label><input id="configure-ldap-form-ldapGroupName" class="text " style="margin-top: 0px; margin-right: 5px; margin-bottom: 0px; margin-left: 0px; width: 250px; color: #000000; padding: 2px;" type="text" name="ldapGroupName" value="cn"/>
The attribute field to use when loading the group name.
<label style="float: left; display: block; left: -240px; line-height: 1; margin-right: -230px; padding-top: 4px; position: relative; width: 230px; text-align: right; word-wrap: break-word;" for="configure-ldap-form-ldapGroupDescription">Group Description Attribute:required</label><input id="configure-ldap-form-ldapGroupDescription" class="text " style="margin-top: 0px; margin-right: 5px; margin-bottom: 0px; margin-left: 0px; width: 250px; color: #000000; padding: 2px;" type="text" name="ldapGroupDescription" value="description"/>

My Membership Schema Setting:

<label style="float: left; display: block; left: -240px; line-height: 1; margin-right: -230px; padding-top: 4px; position: relative; width: 230px; text-align: right; word-wrap: break-word;" for="configure-ldap-form-ldapGroupUsernames">Group Members Attribute:required</label><input id="configure-ldap-form-ldapGroupUsernames" class="text " style="margin-top: 0px; margin-right: 5px; margin-bottom: 0px; margin-left: 0px; width: 250px; color: #000000; padding: 2px;" type="text" name="ldapGroupUsernames" value="memberUid"/>
The attribute field to use when loading the group members from the group.
<label style="float: left; display: block; left: -240px; line-height: 1; margin-right: -230px; padding-top: 4px; position: relative; width: 230px; text-align: right; word-wrap: break-word;" for="configure-ldap-form-ldapUserGroup">User Membership Attribute:required</label><input id="configure-ldap-form-ldapUserGroup" class="text " style="margin-top: 0px; margin-right: 5px; margin-bottom: 0px; margin-left: 0px; width: 250px; color: #000000; padding: 2px;" type="text" name="ldapUserGroup" value="memberOf"/>
The attribute field to use when loading a user's groups.
<fieldset class="group " style="border-style: initial; border-color: initial; border-width: initial; position: relative; clear: both; min-height: 1.6em; color: #333333; font-family: arial, tahoma, verdana, sans-serif; font-size: 13px; line-height: 18px; padding: 0px; margin: 0px;"><legend>Use the User Membership Attribute:</legend>
<input id="configure-ldap-form-ldapUsermembershipUse" class="checkbox " style="margin-top: 0px; margin-right: 2px; margin-bottom: 0px; margin-left: 0px; border-width: initial; border-color: initial; float: none; width: 15px; height: auto; vertical-align: middle; position: static; border-style: none; padding: 0px;" type="checkbox" name="ldapUsermembershipUse" value="true"/> <label style="float: none; display: inline; left: 0px; line-height: 1; padding-top: 4px; position: static; width: 230px; text-align: right; word-wrap: break-word; margin: 0px;" for="configure-ldap-form-ldapUsermembershipUse">When finding the user's group membership</label>
</fieldset>

For the Group Member Attribute I tried with uniqueMember and member without success.

Am I doing something wrong?

Thx,

Mezza

<label style="float: left; display: block; left: -240px; line-height: 1; margin-right: -230px; padding-top: 4px; position: relative; width: 230px; text-align: right; word-wrap: break-word;" for="configure-ldap-form-ldapGroupObjectclass">
</label>

Answer
Watch
Like Leo Diaz _ DEISER likes this
542 views

3 answers

1 accepted

0 votes
Answer accepted
Mezzanotte
Mezzanotte January 9, 2012

I solved my problem.

It was just a matter of configuration. It worked with this attributes:

directory type: Open LDAP (Read-only Posix Schema)

username attribute: uid

user membership attribute: uid

View More Comments
Michael Schneider
Michael Schneider January 17, 2012

After you have made these changes you just pressed the synchronize link? Unfortunately your solution is not working at our installation :(

Like
Mezzanotte
Mezzanotte January 17, 2012

Yes After the changes, I synchronized and it worked. How are your settings?

Like
Reply
0 votes
Leo Diaz _ DEISER
Leo Diaz _ DEISER
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
December 25, 2011

Hi Mezza!

I don't know the JIRA roadmap, I ran this query in the 4.4.3 version.

I recommend you to check it previously (test env.). Then, if all works fine, you can go on with it the production env!!

Reply
0 votes
Leo Diaz _ DEISER
Leo Diaz _ DEISER
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
December 25, 2011

Hi!

I had the same problem, check the following link, which explains how to associate groups and user directories with a SQL script.

https://jira.atlassian.com/browse/JRA-24161?focusedCommentId=249354&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-249354


View More Comments
Mezzanotte
Mezzanotte December 25, 2011

Hi Leo,

I'm using Jira 4,4. Is this the only way to fix this?!

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events