Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-21980

Support memberOf attribute on LDAP users for group membership

XMLWordPrintable

    • We collect Confluence feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      Dynamic groups are broken, but we need to investigate why and how to fix it. This is an important enhancement, as it is a common configuration.

      By dynamic groups, we mean the user entry has an 'memberOf' attribute value for each group (as opposed to the group having a 'member' attribute value for each user). Below is a sample LDAP configuration:

      dn: cn=mygroup,ou=groups,dc=example,dc=com
      objectClass: group
      ou: groups
      cn: mygroup

      dn: cn=jsmith,ou=users,dc=example,dc=com
      objectClass: inetOrgPerson
      ou: users
      cn: jsmith
      memberOf: cn=mygroup,ou=groups,dc=example,dc=com

      Note that the 'memberOf' attribute name may vary, and its value can be the full distinguished name (DN) or just the common name (CN) component. This customisation is required for full dynamic group support.

        1. dynamicSupport.zip
          4 kB
          Anton Vinogradov

              matt@atlassian.com Matt Ryall
              matt@atlassian.com Matt Ryall
              Votes:
              34 Vote for this issue
              Watchers:
              22 Start watching this issue

                Created:
                Updated:
                Resolved: