Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Not able to configure LDAP group lookup

Nacho Lafuente
Nacho Lafuente February 27, 2013

Hi, I've followed https://confluence.atlassian.com/display/JIRA/Connecting+to+an+LDAP+Directory to configure LDAP for my evaluation JIRA. At section Membership Schema Settings it says that there should be two checkboxes to decide whether groups are retrieved from the user (memberOf) or looking up the group and then users (member).

My problem is that only one checkbox is there. Also, if I check LDAP configuration, it seems that both checks are false.

What's happening is that ALL my LDAP users are being synchronized into JIRA, exceeding by far number of licenses.

Answer
Watch
Like Be the first to like this
2745 views

5 answers

1 accepted

0 votes
Answer accepted
Nacho Lafuente
Nacho Lafuente February 27, 2013

screenshot.

View More Comments
Aspect Infra Te
Aspect Infra Team
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
February 27, 2013

i see no problem here, should work this way
but as i already comment
1) additional group dn only for narrow search of groups within your directory, for narrow user search better add userfilter to corresponding field ( see screenshot )


2) AFAIK doesn't matter how many users jira synced from LDAP only members of "jira-users" group ( group giving access to jira ) are counted to licence

Like
Nacho Lafuente
Nacho Lafuente March 4, 2013

We have solved it adding a new attribute for each user in LDAP, so that filtering works. Thanks for your help!

Like
Reply
0 votes
Aspect Infra Te
Aspect Infra Team
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
February 27, 2013

additional group dn only for narrow group search within your directory
for narrow user search-sync better add userfilter to field

Reply
0 votes
Aspect Infra Te
Aspect Infra Team
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
February 27, 2013

i think you are made some errors in config.
can you please post screenshot of config ( you can erase secure-related part ) for better undestand where is the problem

View More Comments
Nacho Lafuente
Nacho Lafuente February 27, 2013

Please find my config.

Like
Nacho Lafuente
Nacho Lafuente February 27, 2013

screenshot.

Like
Reply
0 votes
Nacho Lafuente
Nacho Lafuente February 27, 2013

yes, same configuration is shown in my case. The problem is that although the checkbox is unselected (as yours), when I click on "Save & Test", the test is failing because it's ignoring the unselected "use the user membership attribute". My LDAP has not configured the "memberOf", but "member" for groups.

My configuration also tries to restrict sync'ed users to those belonging to group "staff", so "Additional Group DN" is configured to "cn=staff,ou=Group". But all users are being sync'ed.

Reply
0 votes
Aspect Infra Te
Aspect Infra Team
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
February 27, 2013

can you please add a screenshot?

i have 2 fields and one checkbox to choose which field will be used

and it's working fine this way

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.