You can connect Stash to an existing LDAP user directory, so that your existing users and groups stored in an enterprise directory, can be used in Stash.

Stash is able to connect to the following LDAP directory servers:

  • Microsoft Active Directory
  • Apache Directory Server (ApacheDS) 1.0.x and 1.5.x
  • Apple Open Directory (Read-Only)
  • Fedora Directory Server (Read-Only Posix Schema)
  • Novell eDirectory Server
  • OpenDS
  • OpenLDAP
  • OpenLDAP (Read-Only Posix Schema)
  • Generic Posix/RFC2307 Directory (Read-Only)
  • Sun Directory Server Enterprise Edition (DSEE)
  • Any generic LDAP directory server

See also this information about deleting users and groups  in Stash.

Connecting Atlassian Stash to your external directory is not sufficient to allow your users to log in to Stash. You must explicitly grant them access to Stash in the global permission screen.

We recommend that you use groups instead of individual accounts when granting permissions. However, be careful not to add more users to those groups that your Stash license allows. If the license limit is exceeded, your developers will not be able to push commits to repositories, and Stash will display a warning banner. See this FAQ.


On this page:

To connect Stash to an LDAP directory:

  1. Log in as a user with 'Admin' permission.
  2. In the Stash administration area, click User Directories (under 'Accounts').
  3. Click Add Directory and select either Microsoft Active Directory or LDAP as the directory type.
  4. Configure the directory settings, as described in the tables below.
  5. Save the directory settings.
  6. Define the directory order by clicking the arrows next to each directory on the 'User Directories' screen. The directory order has the following effects:

Server settings

LDAP schema

LDAP permission

Advanced settings

User schema settings

Group schema settings

Membership schema settings