Uploaded image for project: 'Confluence Server and Data Center'
  1. Confluence Server and Data Center
  2. CONFSERVER-21980

Support memberOf attribute on LDAP users for group membership

    XMLWordPrintable

    Details

    • Feedback Policy:
      We collect Confluence feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      Description

      Dynamic groups are broken, but we need to investigate why and how to fix it. This is an important enhancement, as it is a common configuration.

      By dynamic groups, we mean the user entry has an 'memberOf' attribute value for each group (as opposed to the group having a 'member' attribute value for each user). Below is a sample LDAP configuration:

      dn: cn=mygroup,ou=groups,dc=example,dc=com
      objectClass: group
      ou: groups
      cn: mygroup

      dn: cn=jsmith,ou=users,dc=example,dc=com
      objectClass: inetOrgPerson
      ou: users
      cn: jsmith
      memberOf: cn=mygroup,ou=groups,dc=example,dc=com

      Note that the 'memberOf' attribute name may vary, and its value can be the full distinguished name (DN) or just the common name (CN) component. This customisation is required for full dynamic group support.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              matt@atlassian.com Matt Ryall
              Reporter:
              matt@atlassian.com Matt Ryall
              Votes:
              34 Vote for this issue
              Watchers:
              22 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: