Uploaded image for project: 'Jira Data Center'
  1. Jira Data Center
  2. JRASERVER-29187

When synchronising with Active Directory, the Primary Group of the User is not brought across

XMLWordPrintable

    • We collect Jira feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion.

      Crowd Embedded doesn't currently synchronise a user's primary group, as per the attached screenshot. It looks like this is because it's not a memberOf object, as in the sample LDIF below:

      version: 1

dn: CN=David Currie,CN=Users,DC=sydney,DC=atlassian,DC=com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
cn: David Currie
instanceType: 4
objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=sydney,DC=atlassian,
 DC=com
accountExpires: 9223372036854775807
badPasswordTime: 129864372011250000
badPwdCount: 0
codePage: 0
countryCode: 0
displayName: David Currie
distinguishedName: CN=David Currie,CN=Users,DC=sydney,DC=atlassian,DC=com
givenName: David
lastLogoff: 0
lastLogon: 129864372039218750
logonCount: 0
memberOf: CN=jira-users,OU=test space,DC=sydney,DC=atlassian,DC=com
memberOf: CN=jira-administrators,OU=test space,DC=sydney,DC=atlassian,DC=com
memberOf: CN=jira-developers,OU=test space,DC=sydney,DC=atlassian,DC=com
name: David Currie
objectGUID:: MRACIlp/eUazyg2iDAiW3A==
objectSid:: AQUAAAAAAAUVAAAA1XLEFMke4fTNF9tNXvwEAA==
primaryGroupID: 513
pwdLastSet: 129853139487968750
sAMAccountName: dcurrie
sAMAccountType: 805306368
sn: Currie
userAccountControl: 66048
userPrincipalName: dcurrie@sydney.atlassian.com
uSNChanged: 26853843
uSNCreated: 26853837
whenChanged: 20120627233908.0Z
whenCreated: 20120627233908.0Z

      Can you please improve the Embedded Crowd engine in JIRA so that it imports the primary group of the user? Thanks!

      Workaround

      Set up the User Directory so that it uses the Default Group Membership functionality. This will require a permission setting of Read Only, with Local Groups. This won't bring over the Primary Group, however it will let you set a default group for all users.

        1. dcurrie.ldif
          1 kB
        2. Groups.jpg
          Groups.jpg
          60 kB

              Unassigned Unassigned
              dcurrie@atlassian.com Dave C
              Votes:
              11 Vote for this issue
              Watchers:
              15 Start watching this issue

                Created:
                Updated:
                Resolved: