Hi,
I have a need for adding multiple delegated user directories.
Directory 1 has most of the users, however some of the users are in both directory 2.
directory 2 users will always login with directory 2, will never use directory 1.
I configured both as delegated directories and user can login when only one directory is active, however its not working when both are active.
Any thoughts on this?
I am using jira 7.3.3
Yeah. These are always fun. Here is how this works in Jira.
You have 3 directories as follows:
When a user passes a username/pw pair, Jira looks at directory 1 and asks if the user is there. If no, it goes to directory 2 and asks if the user is there. If no, it goes to directory 3 and asks if the user is there. Once it gets a "yes," it asks if the user is enabled. If no, it stops and doesn't allow the login. If yes, it passes the pw and asks for validation. If the username/pw pair match, it allows the login, otherwise it does not.
Your problem is because you have the users that need to log in via directory #3 with accounts in directory #2. Just delete the accounts from directory #2 that should be logging in with directory #3 and you should be in business. This may involve bulk editing issues to change reporter or assignee to the correct username.
Thank you Dave, your explanation makes sense.
However I cannot delete the users from the directory as its managed at the higher level by different group.
what I can do is eliminate users from the filter who are not enabled in Delegated Auth1.
my filter is (&(objectclass=person)(employeeID=*)(userAccountControl=512))
This is should eliminate user who's account does not have (userAccountControl=512). This is not working. for a user with (userAccountControl=514) should skip Delegated Auth 1 and go to Delegated Auth 2 is not happening.
Any thoughts?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.