How to read directory configuration summary

Related content

Still need help?

The Atlassian Community is here for you.

Ask the community

Platform Notice: Data Center - This article applies to Atlassian products on the Data Center platform.

Note that this knowledge base article was created for the Data Center version of the product. Data Center knowledge base articles for non-Data Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Summary

The article helps to understand the mapping between the parameters present in the User Directory configuration (⚙ → User management → User Directories) and the Directory Configuration Summary (⚙ → User management → User Directories →  Directory Configuration Summary).

Environment

  • Jira Core/Software Data Center v8.x and higher
  • Jira Service Management Data Center v4.x and higher

Solution

User Directory Configuration

Directory Configuration Summary

Hostname and port

ldap.url

Base DN

ldap.basedn

Username

ldap.userdn

Password

ldap.password

Additional User DN

ldap.user.dn

Additional Group DN

ldap.group.dn

LDAP Permissions: Read Only

Allowed operations: [UPDATE_GROUP_ATTRIBUTE, UPDATE_USER_ATTRIBUTE]

Read Only, with Local Groups

Allowed operations: [CREATE_GROUP, CREATE_ROLE, CREATE_USER, DELETE_GROUP, DELETE_ROLE, DELETE_USER, UPDATE_GROUP, UPDATE_GROUP_ATTRIBUTE, UPDATE_ROLE, UPDATE_ROLE_ATTRIBUTE, UPDATE_USER, UPDATE_USER_ATTRIBUTE]


Read Only, with Local Groups

ldap.local.groups: true when enabled

ldap.local.groups: false when disabled

Read/Write

Allowed operations: [CREATE_GROUP, CREATE_ROLE, CREATE_USER, DELETE_GROUP, DELETE_ROLE, DELETE_USER, UPDATE_GROUP, UPDATE_GROUP_ATTRIBUTE, UPDATE_ROLE, UPDATE_ROLE_ATTRIBUTE, UPDATE_USER, UPDATE_USER_ATTRIBUTE]

Default Group Memberships

autoAddGroups

Secure SSL

ldap.secure: true when enabled

ldap.secure: false when disabled

Enable Nested Groups

ldap.nestedgroups.disabled=false when enabled.

ldap.nestedgroups.disabled=true when disabled.

Manage User Status Locally

localUserStatusEnabled=true when enabled.

localUserStatusEnabled=false when disabled.

Filter out expired users

ldap.filter.expiredUsers: true when enabled.

ldap.filter.expiredUsers: false when disabled.

Use Paged Results

ldap.pagedresults.size: 1000
ldap.pagedresults: true when enabled.

ldap.pagedresults: false when disabled.

Follow Referrals

ldap.referral: true when enabled

ldap.referral: false when disabled

Naive DN Matching


Enable Incremental Synchronisation

crowd.sync.incremental.enabled: true when enabled.

crowd.sync.incremental.enabled: false when disabled

Update group memberships when logging in: For newly added user only

crowd.sync.group.membership.after.successful.user.auth.enabled: only_when_first_created

Update group memberships when logging in: Never

crowd.sync.group.membership.after.successful.user.auth.enabled: false

Update group memberships when logging in: Every time the user logs in

crowd.sync.group.membership.after.successful.user.auth.enabled: true

Synchronisation Interval (seconds)

directory.cache.synchronise.interval

Read Timeout (seconds)

ldap.read.timeout

Search Timeout (seconds)

ldap.search.timelimit

Connection Timeout (seconds)

ldap.connection.timeout

User Object Class

ldap.user.objectclass

User Object Filter

ldap.user.filter

User Name Attribute

ldap.user.username

User Name RDN Attribute

ldap.user.username.rdn

User First Name Attribute

ldap.user.firstname

User Last Name Attribute

ldap.user.lastname

User Display Name Attribute

ldap.user.displayname

User Email Attribute

ldap.user.email

User Password Attribute

ldap.user.password

User Unique ID Attribute

ldap.external.id

Group Object Class

ldap.group.objectclass

Group Object Filter

ldap.group.filter

Group Name Attribute

ldap.group.name

Group Description Attribute

ldap.group.description

Group Members Attribute

ldap.group.usernames

User Membership Attribute

ldap.user.group

Use the User Membership Attribute: When finding the user's group membership

ldap.usermembership.use: true when enabled

ldap.usermembership.use: false when disabled

Use the User Membership Attribute: When finding the members of a group

ldap.usermembership.use.for.groups: true when enabled

ldap.usermembership.use.for.groups: false when disabled

Copy User on Login

crowd.delegated.directory.auto.create.user: true when enabled

crowd.delegated.directory.auto.create.user: false when disabled

Update User attributes on Login

crowd.delegated.directory.auto.update.user: true when enabled

crowd.delegated.directory.auto.update.user: false when disabled

Synchronise Group Memberships

crowd.delegated.directory.importGroups: true when enabled

crowd.delegated.directory.importGroups: false when disabled



Last modified on Mar 6, 2025

Was this helpful?

Yes
No
Provide feedback about this article

Related content

Powered by Confluence and Scroll Viewport.