• Type: Suggestion
    • Resolution: Fixed
    • 2.2
    • SOAP
    • None

      While the delegated directories are a nice attempt to solve problems with membership of LDAP/AD users into Crowd controlled groups, they fall short since it is a one-time load or manual load. This introduces more administrative overhead for managing users - something Crowd was supposed to help. So now I have LDAP/AD users and groups and a copy in the delegated directory, so I need an automated way to keep these in sync. The fact that Crowd will automatically add a user to the delegated directory if they successfully validate to LDAP/AD doesn't help because they are missing their group membership which is critical for proper authorities. So either make the delegated directory smart enough to keep in sync or provide a remote API (SOAP) to allow the sync operation to be automated. The API should allow for a sync update to complete without application interruption. Must support option to allow deleted users to remain in delegated directory as disabled users.
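The delta-style synchronisation requested in the description above, sketched as an added example (not Crowd code and not from the reporter): it diffs an LDAP/AD snapshot against the delegated directory copy, disables rather than deletes removed users, and orders revocations before grants. `LocalUser`, `plan_sync`, `apply_ops` and the sample data are hypothetical and constructed; no Crowd or LDAP API is called.

```python
from dataclasses import dataclass, field

@dataclass
class LocalUser:
    """A user record in the delegated directory copy (hypothetical model)."""
    active: bool = True
    groups: set = field(default_factory=set)

def plan_sync(ldap, local, keep_deleted_as_disabled=True):
    """Compute the delta that brings `local` in line with `ldap`.
    ldap:  {username: set of group names} snapshot read from LDAP/AD
    local: {username: LocalUser} current delegated-directory state
    Returns (revocations, grants); apply revocations first so an
    interrupted run never leaves a user with more access than LDAP/AD gives.
    """
    revocations, grants = [], []
    for name in sorted(local.keys() - ldap.keys()):  # gone from LDAP/AD
        op = "disable_user" if keep_deleted_as_disabled else "delete_user"
        if op == "delete_user" or local[name].active:
            revocations.append((op, name))
    for name in sorted(ldap):
        have = local[name].groups if name in local else set()
        if name not in local:
            grants.append(("add_user", name))
        revocations += [("remove_membership", name, g) for g in sorted(have - ldap[name])]
        grants += [("add_membership", name, g) for g in sorted(ldap[name] - have)]
    return revocations, grants

def apply_ops(local, ops):
    """Apply operations one small change at a time (no wipe-and-reload)."""
    for op, name, *rest in ops:
        if op == "add_user":
            local[name] = LocalUser()
        elif op == "delete_user":
            del local[name]
        elif op == "disable_user":
            local[name].active = False
        elif op == "add_membership":
            local[name].groups.add(rest[0])
        elif op == "remove_membership":
            local[name].groups.discard(rest[0])

# Constructed sample data: carol left LDAP/AD, alice changed groups, dave is new.
LDAP = {"alice": {"confluence-users", "wiki-admins"}, "dave": {"confluence-users"}}
LOCAL = {"alice": LocalUser(groups={"confluence-users", "jira-admins"}),
         "carol": LocalUser(groups={"confluence-users"})}

if __name__ == "__main__":
    print(plan_sync(LDAP, LOCAL))
```

Running the planner a second time after applying its output yields no operations, which makes it safe to schedule repeatedly.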

            [CWD-962] Automation for delegated directories


            Bob Swift added a comment -

            I installed 2.2.7 and read the documentation. It appears that the support does not meet our needs either. We have a delegated directory - my understanding is that this support does nothing for delegated directories to enable automatic synchronization. Please correct me if I am wrong. The newer LDAP connector directories do not allow user defined attributes: Custom user attributes are not yet supported for LDAP directories even though there is an entry field showing. We already have a number of attributes defined and in use.


            shihab added a comment -

            You can use caching LDAP directories to periodically synchronise your LDAP server with Crowd. The period of synchronisation is configurable so that you can trade off the load of performing frequent syncs with your ability to deal with stale data. There are various factors you can tune to improve the speed of synchronisation and they are discussed in the documentation.

            If you specifically want to use delegated authentication directories and want group membership sync on auth, we are looking at implementing this feature in the near future. It is being tracked in a separate issue: CWD-2497


            Jay Compton added a comment -

            This is a big priority for us as well. Our directory changes frequently and with many different applications using this we have a definitive need for visibility into AD/LDAP as well as the ability to automate synchronization.

            Jesper Sørensen added a comment -

            This is also a very big priority for our organization.

            In essence, this is the only reason we have for using Crowd, as we want to aggregate multiple ADs to make them available in JIRA and Confluence.

            Boris Demirov added a comment -

            I think this is an essential function and has to be added in the future.

            Most organizations I believe will use Crowd for Atlassian products but still will rely on another user management system, and with that in mind Crowd has to be more automated when speaking of delegated directories.

            Another missing function for me is the ability to assign groups for people imported with the directory importer.

            David Soul [Atlassian] added a comment -

            There is a user-contributed plugin that appears to automatically import new users in AD into the Crowd internal directory and provide Confluence membership, but this is not specific to delegated directories. It might be worthwhile investigating as the basis for a specific directory synchronisation tool. See http://confluence.atlassian.com/display/CROWDEXT/Crowd+to+Confluence+Auto-Users+Adder+Plugin

            Bob Swift added a comment -

            Any updates on this? We just implemented Confluence talking to Crowd and within a couple of days had an issue with membership being out of date affecting ability to access Confluence information. Tried looking for a URL string that could help automate this but was not successful, looks like the import is a sequence of steps where the input data is stored in a cookie.


            Bob Swift added a comment -

            The visibility of users, groups, and membership is also important for understanding the need for this support.


              Assignee: Unassigned
              Reporter: Bob Swift
              Votes: 16
              Watchers: 11