Jira 7.4.2, Crowd 2.12.0
I am setting up JIRA to use Single SignOn, using a crowd delegated directory with authentication against an AD LDAP, and user information synchronization on login.
The documentation Integrating Crowd with Atlassian JIRA says to create the groups jira-users, jira-developers and jira-administrators, so this is what I did, setting the users to have the jira-users group as initial membership.
Then I had a user log into JIRA using her AD credentials. Her user was created in crowd and got the jira-users membership, but she was told on login that she had insufficient privileges to log in.
When I look at the global permissions admin page in Jira, it just assigns permissions to two groups: jira-administrators and jira-software-users
So what should I do:
I think alternative 2 will be hard to get right, so I guess alternative 1 is the right answer?
However, since there is no longer a jira-developer group created by default, is there no longer any need to make that distinction?
It used to be that anyone doing more than reporting and commenting on issues (i.e. project leads, component leads and developers) would have to be in the jira-developers group. Can the necessary roles be assigned to jira-software-users?
Thanks!
JIRA 7's implementation of applications has changed the way groups get access and changed the defaults, so a lot of docs out there are based on old information.
The easy answer is that you can do whatever you want, but that's not of any use to you. Both of your suggestions are valid.
I'd tend towards the first though, as it's closer to the defaults that Atlassian give out.
And then, yes, you don't need to worry about jira-developers. You can use whatever groups you want to provide basic access (a flat "jira-software-users can use jira Software" is a really good simple approach), and then expand other permissions with other groups. For "new user will always have access to project X", yes, use jira-software-users to the roles in X.
Thanks! I'm going with alternative 1 for now.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
 
 
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.