I am trying to set up LDAP authentication (Microsoft Active Directory) in Jira that requires accessing a directory in a cross-forest trust. LDAP host is located in forest A while the bind user and authenticating users are in forest B. Bind fails when using a user in forest B with the following error, which I believe indicates invalid credentials:
[LDAP: error code 49 - 80090308: LdapErr: DSID-0C090442, comment: AcceptSecurityContext error, data 52e, v3839]; nested exception is javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090442, comment: AcceptSecurityContext error, data 52e, v3839]
"Follow referrals" is enabled, as this is not a parent-to-child domain scenario but rather forest to forest.
I am able to successfully bind with a user in forest B and connect to the LDAP host in forest A using ldp.exe. With the same tool and configuration options (including chase referrals enabled), I can browse and find the users I need in forest B.
Is cross-forest authentication supported in Jira? If so, what additional configuration settings are required to make this work? I am not familiar with Jira at all as I am actually the AD admin assisting developers who use Jira. I've searched this community and found similar situations, but not quite the same. I do have access to the Jira server, which is hosted on a Linux OS, so if there are config files located within the OS that need to be modified, I would appreciate details. Side note: the Jira server is pointing to the forest A DNS servers, as I read DNS resolution might be the issue.
Thank you!
Maybe this one is helpful:
https://community.atlassian.com/t5/Crowd-questions/Authentication-with-AD-Forest/qaq-p/1274785