In Blog, Product Updates

Atlassian Jira is a leading application for issue tracking, bug tracking and project management. Managing users for Jira can be a manual chore resulting in extra time and effort – and, potentially a security risk. The on premise deployment of Jira natively supports managing users through LDAP. By connecting Jira to LDAP via Directory-as-a-Service, IT admins benefit in a number of ways:

  • One central place to manage your users – saves time and effort
  • Your users effectively get single sign-on for their technical applications
  • Increased security – reduced risk of users having access that shouldn’t

JumpCloud’s Directory-as-a-Service makes it easy to manage Jira users. Through our hosted LDAP solution, users can be populated in our directory and then Jira can authenticate users via a secure LDAP endpoint with minimal configuration necessary on the application side.

Here’s how to manage Jira users with JumpCloud:

BEFORE YOU BEGIN:

The documentation below is no longer up-to-date. We’ve made a lot of progress on the JumpCloud Directory-as-a-Service platform since this blog post was published in 2014. For the most up-to-date information on how to use JumpCloud’s LDAP-as-a-Service, visit our Knowledge Base here. For setting up SSO with Atlassian Cloud, go here.

ADDITIONAL NOTE:

If you haven’t done so already, please sign up for the JumpCloud service here. You can evaluate this entire process below with no commitment. We give you 10 free users forever.

Step 1: Creating a BindDN Service Account

To use JumpCloud’s LDAP service, you must create a BindDN so the Atlassian service can be authorized to scan the Users and Groups within JumpCloud’s Directory. You will see that Service Account named ‘ldapuser’ in the screenshots below…but the name of the service account is entirely up to you. You can learn exactly how to do that here in this tutorial.

Step 2: Creating Users within the Directory

As JumpCloud’s Directory-as-a-Service will be the LDAP-accessed authoritative source of users in this tutorial, you will need to add users to the directory so they may be imported into Atlassian. You can learn exactly how to do that here in this tutorial.

Step 3: Configure Jira to authenticate to the JumpCloud LDAP endpoint

Click on “Administration”, then “User Management”, then “User Directories” in the Jira console.
Click “Add Directory”.

Jira 1

 

 

 

 

 

 

 

 

 

Choose “LDAP” at the “Directory Type” prompt.

Jira 2

 

 

 

 

 

 

 

In this configuration section enter the settings as follows.
Server Settings:

Name: [Enter any name here]

Directory Type: OpenLDAP
Hostname: ldap.jumpcloud.com
Port: 636 & check SSL
Username: uid=<YOUR LDAP BINDING USER>,ou=Users,o=<YOUR ORGANIZATION ID>,dc=jumpcloud,dc=com

(NOTE: Remove “<” and “>” brackets above when inserting your data)

(For more information on LDAP Binding User, please read this article)

Password: Password for YOUR LDAP BINDING USER

LDAP Schema:

Base DN: ou=Users,o=<YOUR ORGANIZATION ID>,dc=jumpcloud,dc=com
Additional User DN: Can be left blank
Additional Group DN: Can be left blank

LDAP Permissions:

Choose – Read Only, with Local Groups

Default Group Memberships: jira-users

See below for Details…

jira1

 

 

 

Advanced Settings:

jira2

 

 

User Schema Settings:

jira3

 

Group Schema Settings

jira4

Membership Schema Settings

 

jira5

Step 3: Verify JumpCloud authentication with Jira
Enter in the username and password for the LDAP Bind User utilized for the connection.

jira6

 

Click on “User Directories” and you will see the note “Never synchronized”

Jira 8

 

 

 

 

 

 

 

 

 

Click on ‘Synchronize’…

Jira 9

 

 

 

 

 

 

 

 

 

Now, return to the Atlassian dashboard and select to see the list of users. You will see your JumpCloud users imported, for example:

Jira 10

 

 

 

 

 

 

 

In the configuration above, we configured the group “jira-users” by default. After a user logs in successfully, they are added to this group. For example after Jane DBA logs in, this page is updated as such:

Jira 11

 

 

 

 

 

 

 

Instead of standing up your own LDAP system or managing it, you can easily leverage JumpCloud’s hosted LDAP service, all part of Directory-as-a-Service. Connect it to all of your critical apps, and you are good to go. Your users will also appreciate this, as their single account can now be used for technical applications as well.

If you are utilizing Jira within your organization and want to simplify the user management for it – and increase security – give JumpCloud a try. We offer 10 free users forever.

Recent Posts