Go through the following steps to integrate Jira with an LDAP server:
- Navigate to Administration > User management > User Directories.
- Click on the Add Directory button and select either Microsoft Active Directory or LDAP for non-AD directories.
- Enter the LDAP server, schema, and permission settings. Refer to the following table for more details.
- Click on the Quick Test button to validate Jira's connectivity to LDAP.
- Click on the Save and Test button if there are no issues with connecting to LDAP.
- Type in a username and password to run a quick test. While doing this, make sure that Jira is able to connect to LDAP, to find the user and retrieve the user's group information, and to authenticate against LDAP.
The following tables list all the configuration parameters for configuring LDAP. Each table includes the parameters for each section on the configuration page. Let's have a look at the following table:
| Server settings | Description |
| Name | This is an identifier for the LDAP server. |
| Directory Type | This selects the type of the LDAP server—for example, Microsoft Active Directory. Jira automatically fills in the user and group schema details based on the type selected. |
| Hostname | This is the host of the LDAP server is hosted. |
| Port | This is the port that the LDAP server listens to for incoming connections. |
| Use SSL | This checks whether SSL is being used on LDAP. |
| Username | This is the user account that Jira uses to access LDAP. This should be a dedicated account for Jira. |
| Password | This is the password for the account. |
The following table lists LDAP schema parameters and their descriptions:
| LDAP schema | Description |
| Base DN | This is the root node where Jira starts the search for users and groups. |
| Additional User DN | This is the additional DN to further restrict a user search. |
| Additional Group DN | This is the additional DN to further restrict a group search. |
The following table lists LDAP permissions and their descriptions:
| LDAP permission | Description |
| Read Only | Select this option if you do not want Jira to make any changes to LDAP. This is the ideal option if everything, including the user's group memberships, is managed with LDAP. |
| Read Only, with Local Groups | This option is similar to the Read Only option but lets you manage group memberships locally within Jira. With this option, the group membership changes you make will remain in Jira only. This is the ideal option when you only need user information from LDAP and want to manage Jira-related groups locally. |
| Read/Write | Select this option if you want Jira to be able to make direct changes to LDAP, assuming that Jira's LDAP account has the write permission as well. |
The following screenshot shows how to test the settings:
After you have added your LDAP server as a user directory, Jira will automatically start synchronizing its user and group data. Depending on the size of your LDAP, it may take a few minutes to complete the initial synchronization. You can click on Back to directory list to go to the directory list link and see the status of the synchronization process.
Once the process is completed, you will be able to see all your LDAP users and groups and use your LDAP credentials to access Jira.