LDAP users synchronizing with Confluence without groups

Still need help?

The Atlassian Community is here for you.

Ask the community

Platform Notice: Server and Data Center Only - This article only applies to Atlassian products on the server and data center platforms.

Problem

If your LDAP configuration of security groups are in a particular OU, it may be difficult to determine how to bring users in from LDAP and the groups they are associated with.

Diagnosis

Environment

  • LDAP connection to Confluence

Diagnostic Steps

  • If you have a connection to LDAP and the users are being synchronized without groups

Resolution

With an LDAP configuration that utilizes security groups in an OU, it is necessary to separate where the users and groups are coming from.  

  • We will need the User filter to pull the particular users (in the setup of the directory, under User Configuration)
  • The Group filter (in the setup of the directory, under Group Configuration) will need to be pointed to the OU where the general user accounts exist (and security groups).

With these settings, the correct users will be synchronized with Confluence, and any security groups will be associated with them.

Example:

(&(objectCategory=Person)(sAMAccountName=*)
((memberOf=cn=confluence-users,ou=Groups,dc=sydney,dc=atlassian,dc=com)
  • This will pull all users in the confluence-users group (each individual account)
  • If the security groups are managed elsewhere, we will need to provide that location in the group settings:
(&(objectCategory=Group)((ou=confluence-security)))


This example will pull all users from the confluence-users group, but synchronize security groups associated with that account in the confluence-security OU to Confluence.
Last modified on Mar 21, 2019

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.