Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

adding multiple delegated user directories

Rashmi Belur
Rashmi Belur
Contributor
February 20, 2018

Hi,

I have a need for adding multiple delegated user directories.

Directory 1 has most of the users, however some of the users are in both directory 2.

directory 2 users will always login with directory 2, will never use directory 1.

I configured both as delegated directories and user can login when only one directory is active, however its not working when both are active.

Any thoughts on this?

I am using jira 7.3.3

 

Answer
Watch
Like Be the first to like this
414 views

1 answer

0 votes
Dave Theodore [Coyote Creek Consulting]
Dave Theodore [Coyote Creek Consulting]
Community Champion
February 20, 2018

Yeah. These are always fun.  Here is how this works in Jira.

You have 3 directories as follows:

  1. Internal Directory
  2. Delegated Auth 1
  3. Delegated Auth 2

When a user passes a username/pw pair, Jira looks at directory 1 and asks if the user is there. If no, it goes to directory 2 and asks if the user is there. If no, it goes to directory 3 and asks if the user is there. Once it gets a "yes," it  asks if the user is enabled. If no, it stops and doesn't allow the login. If yes, it passes the pw and asks for validation. If the username/pw pair match, it allows the login, otherwise it does not.

Your problem is because you have the users that need to log in via directory #3 with accounts in directory #2. Just delete the accounts from directory #2 that should be logging in with directory #3 and you should be in business. This may involve bulk editing issues to change reporter or assignee to the correct username.

View More Comments
Rashmi Belur
Rashmi Belur
Contributor
February 21, 2018

Thank you Dave, your explanation makes sense.

However I cannot delete the users from the directory as its managed at the higher level by different group.

what I can do is eliminate users from the filter who are not enabled in Delegated Auth1.

my filter is (&(objectclass=person)(employeeID=*)(userAccountControl=512)) 

This is should eliminate user who's account does not have (userAccountControl=512).  This is not working. for a user with (userAccountControl=514) should skip Delegated Auth 1 and go to Delegated Auth 2 is not happening.

Any thoughts?

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security