Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

share issue only with users that have JIRA access

Alexander Pappert
Alexander Pappert
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
July 3, 2017

Hello,

we have about 28000 Users in our Active Directory. Users with access to JIRA are less than 100.

When I share an issue, the list of the uses contains all 28k.
How can I change JIRA, so that this list only contains users that have JIRA access?

Answer
Watch
Like Be the first to like this
681 views

1 answer

0 votes
Stefan Arnold
Stefan Arnold
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
July 3, 2017

When you use Active Directory as Jira User Directory you can use ldap filter to get only the user that have access to jira.
How do you grant you 100 User access to Jira?

In our case our jira users are members of active directory groups (jira-core-users and jira-software-users). we have also alot of users that dont have access to jira.
So i have created a filter to get only the user that are in the above mentioned groups. LDAP filter looks like this:

"ldap.user.filter": "
(&(objectCategory=Person)(sAMAccountName=*)
(|(memberOf:1.2.840.113556.1.4.1941:=cn=jira-core-users,OU=jira,OU=ourMainOU,DC=ourCompanyDc)
(memberOf:1.2.840.113556.1.4.1941:=cn=jira-software-users,OU=jira,OU=ourMainOU,DC=ourCompanyDc)))"

(the number behind membersOf is the LDAP matching rule OID, google it for more information)
that query has to be entered in your ad-settings in Jira in the user schema settings part in "User Object Filter":

jira_ldap_user.png

I would also give you a link to jira documentation but its not working today. so i hope this is enough help

View More Comments
Alexander Pappert
Alexander Pappert
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
July 3, 2017

Thanks Stefan.
But for this solution I need our IT, because they have to create & manage the LDAP Group.


Now, as JIRA Admin, I set these groups manually (Read Only, with Local Groups):
https://confluence.atlassian.com/display/AdminJIRAServer071/Connecting+to+an+LDAP+directory

Like
Stefan Arnold
Stefan Arnold
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
July 3, 2017

Then i need more information how you "share" issues.
Do you mean that you add them as watchers or what are you doing to "share"?

Like
Alexander Pappert
Alexander Pappert
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
July 3, 2017

I talk about this one:

sharing an issue
https://confluence.atlassian.com/jira064/emailing-an-issue-720416419.html

Like
Stefan Arnold
Stefan Arnold
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
July 3, 2017

Iam sure you cant restrict this feature in a simple way.
The clean way would be to import only the 100 Jira Users from Active Directory. Talk to your IT, its should not be a big effort and will make you work much easier in future.

Like
Alexander Pappert
Alexander Pappert
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
July 3, 2017

But then, I always need the IT, when I want do add a user to JIRA.

This means additional IT tickets and waiting time I don't need  ;)

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.