Hello,

We have an instance of JIRA 4.4 running and authenticating against an LDAP server (users managed internally). It works fine. I can see that it executes the following command when I log in as user XXXXXX:
2012-04-04 17:38:44,049 http-443-6 DEBUG anonymous 1058x43x1 16xib1j <ip> /rest/gadget/1.0/login [atlassian.crowd.directory.SpringLDAPConnector] Performing user search: baseDN = OU=Users,OU=Organic Units,DC=CERN,DC=ch - filter = (&(sAMAccountName=XXXXXXX))

I try to set up a new instance of JIRA, but in version 5 this time. I see that there is no more osuser.xml but there is an administration panel to add a directory "Delegated LDAP Authentication". I fill it up, test it, and it says that it passes the test. I restart but then when I try to log in, it refuses. In the logs I see the following line :
2012-04-04 17:48:19,047 http-8443-6 DEBUG anonymous 1068x203x1 mth0ly <ip> /rest/gadget/1.0/login [atlassian.crowd.directory.SpringLDAPConnector] Performing user search: baseDN = OU=Users,OU=Organic Units,DC=CERN,DC=ch - filter = (&(objectclass=inetorgperson)(sAMAccountName=XXXXXX))

It is the same apart from the filter that has an extra bit (objectclass). I am not sure, but I guess it is this bit that makes trouble.Can I test my assumption somehow ? is there a way to test directly an ldap request ?

More importantly, can I get rid of this objectclass ?

Thank you in advance

Barthelemy

EDIT : I played a bit with ldapsearch and I see that it works with objectclass=person. How can I change inetorgperson for person ?

EDIT 2 : I could get it to work by doing in the database :
update cwd_directory_attribute set attribute_value = '(objectclass=person)' where attribute_name = 'ldap.user.filter' and directory_id = 10000;
I don't believe this is a real solution. Any help still welcome :)