Known issues, hints and tips and answers to commonly asked questions about Crowd:
- What is single sign-on (SSO)?
- What is authorisation?
- What is authentication?
- What is centralised authentication?
- What is identity management?
- What is a directory?
- How does Crowd work? How is Crowd an "application security framework"?
- What is an application connector?
- What is a directory connector?
- How many users can Crowd manage?
- We already have an LDAP server for Confluence and/or JIRA. Do we really need Crowd?
- What are Crowd's system requirements?
- What directories and applications does Crowd support out of the box?
- How can Crowd be connected to new or currently unsupported applications?
- How does Crowd integrate with other Atlassian products?
- Does Crowd include Kerberos integration?
Common Evaluator Questions:
- Can Crowd run alongside another SSO solution?
- Can I setup a user frontend and login page for Crowd?
- Can I setup password-only delegated LDAP and AD integration?
- How can I filter unwanted LDAP entries?
- How do I fix a 'User Limited Exceeded' error?
- How do I fix slow performance?
- Is clustering supported?
- Deploying Multiple Atlassian Applications in a Single Tomcat Container
- Finding the atlassian-crowd.log File
- Finding your Crowd Home Directory
- Recovering your Console application password
- Removing the 'crowd' Context from the Application URL
- Resetting the Domain Cookie Value
- Restarting the Setup Wizard from Scratch
- Self Signed Certificate
- Using Crowd in a Cluster is Not Supported
- How to Print Only Tomcat Logs into Crowd's catalina.out
- Principals and Users
- Using Apache Directory Studio for LDAP Configuration
- All Integrations
- Atlassian Product Integration
- IBM Lotus Domino Integration
- IBM Websphere Integration
- Bug Fixing Policy
- How to Report a Security Issue
- New Features Policy
- Security Advisory Publishing Policy
- Security Bugfix Policy
- Security Patch Policy
- Severity Levels for Security Issues
- Finding Known Issues
- Characters in User or Group DN's that will cause problems when using Crowd
- Problems when Importing Users into MySQL
- Troubleshooting LDAP Error Codes
- Troubleshooting LDAP User Management
- Troubleshooting SSL certificates and Crowd
- How to Optimise Crowd Client Caching
- Troubleshooting Crowd Performance
- Troubleshooting SSO with Crowd
- Troubleshooting CrowdID
What is single sign-on?
What is authorization?
Authorization is the act of deciding whether a person is allowed to access a specific resource or web application. This often comes in the form of groups, roles and permissions.
What is authentication?
Authentication is the act of verifying that a user is who they say they are. This is often done through a credential such as user name and password.
What is centralized authentication?
Centralized authentication is when an end-user has the same username and password used across all web applications, even if the application cannot participate in single sign-on. This is often a major milestone before single sign-on is achieved within an organisation.
Crowd provides centralization authentication and/or single sign-on depending on your application's capabilities.
What is identity management?
is the process of defining a user (a 'principal') and managing their attributes. In addition to username and credentials (e.g. password), attributes might include phone number, address, etc.
Identity management also includes assigning users to relevant groups and roles, so that users can access appropriate applications and resources.
Another important part of identity management is managing the entire user lifecycle, for example, disabling the user account when someone leaves the organization.
What is a directory?
A directory is a repository of information containing user identities, their attributes and their group and role memberships.
How does Crowd work? How is Crowd an "application security framework"?
Crowd is made up of two parts:
- Administration console: a brilliantly simple and powerful web interface that manages directories, users, and their security rights.
- Integration API: a single security architecture where multiple web applications are integrated. With the integration API, applications can quickly access user information or perform security checks.
What is an application connector?
An application connector is the link between Crowd and one of your applications. An application connector makes it possible to connect, say, Crowd and JIRA. When you download and install Crowd, you'll automatically get its application connectors, along with an integration API so that you can code your own application connectors too.
What is a directory connector?
A directory connector is the link between Crowd and one of your directories. It makes it possible to connect, say, Crowd and Active Directory. When you download and install Crowd, you'll automatically get its directory connectors, along with an integration API so that you can code your own directory connectors too.
How many users can Crowd manage?
Crowd can support over 500 users depending upon which license you purchase. View the licensing and pricing breakdown for more information. We have customers using Crowd successfully with tens of thousands of users.
How many applications can be used with Crowd?
So long as they're compatible with Crowd, you can add in as many applications as your organization needs.
We already have an LDAP server for Confluence and/or JIRA. Do we really need Crowd?
If one or more of the following apply, Crowd will be of benefit to you:
- your organization uses multiple applications and they have not yet been integrated into the LDAP server
- you are looking for an easy way to manage all your JIRA and Confluence users in one database with one or more directory servers
- your organization has not yet implemented single sign-on
- you are looking for a way to help save you and your organization time, frustration, and much more!
What are Crowd's system requirements?
For information on compatible databases, application servers, and operating systems, read the Supported Platforms page.
What directories and applications does Crowd support out-of-the-box?
A complete list of currently supported applications and directories can be found in Crowd's documentation. Check back often, as new connectors will be added regularly.
How can Crowd be connected to new or currently unsupported applications?
Crowd provides a simple and intuitive integration API (backed by REST or SOAP) that allows you to connect in your new or existing applications. This makes it easy to choose how much or how little to integrate based on your needs.
How does Crowd integrate with other Atlassian products?
Crowd ships with connectors for Atlassian products.
Using the out-of-the-box connectors you can consolidate all of your users into a single repository giving you the ability to manage all of your users in a single location. Users can then take advantage of single sign-on, giving them one username and password to access all of your applications.
Does Crowd include kerberos integration?
Crowd does not currently support kerberos-based authentication.