Admin: LDAP
LDAP
LDAP (Lightweight Directory Access Protocol) is supported by many identity management systems such as MS Active Directory, as well as open source alternatives like Apache Directory.
PUM requires LDAP configuration to be added, and referred in the Admin: “Project Group Config” page. Once configured Project Admins are empowered to pull in users data from LDAP when they dynamically adding new users into groups, without the System Admin being involved.
Q. Why doesn’t PUM use the LDAP configuration in Jira
A. It’s not easily accessible, and would not allow the low level finesse that we like to show in apps.
Example Configuration for Active Directory
Creating from example:
We get a configuration, that is listed as INACTIVE (as it is not yet referred to by the Admin: “Space Group Config” page)
Typical attributes are as follows, the “Test Lookup Username” enables the configuration to self validate for connectivity and lookup:
Testing and debugging with LDAP
We added a handy query utility, that allows an LDAP filter expression to be used to locate users, here ‘sAMAccountName’ represents the username in Active Directory. The users shown in Results can be expanded to show the typical attributes (there is no special decoding of some binary fields, so junk can appear).
Jira Allowlist
PUM requires LDAP host urls to be whitelisted, LDAP will not work until this is done, you will see:
Configuration example