Ad/ldap Configuration in JIRA

= = = = Add a LDAP Directory = = =

1. Log in JIRA
2. Setting
3. User Management
4. User Directories
5. Add Directory (Internal with LDAP authentication, Next)
6. To Configure Internal with LDAP authentication User Directory, see the both screenshots attached, i.e. ldap_configuratio N_1.jpg and Ldap_configuration_2.jpg.
7. Test Settings (To see if the connection is successful)
8. Save and Test

= = = Create LDAP Users = = =

1. Log in JIRA
2. Setting
3. User Management
4. Users
* At the "This" stage, you could see both users in the list. One user is in Jira Internal Directory, which are created when you firstly set up Jira. It is the strongly recommended that keep a user in Jira Internal Directory. Once Some errors happended so it LDAP users cannot log in, this Jira Internal Directory can log on to fix the problem. Another user cn1ci0q1 (the user used to configure LDAP).
5. Create User
6. See a screenshot attached for details, i.e. Create New user.jpg.
7. Create
* Then a notification email was sent to the user. Click "JIRA" label in email would open the JIRA login page and the user can login with his or her Windows Active Directory Information.

= = = Set User Group/permission = = =

For example, I want to set my manager to is the Jira-administor. Then:
1. Log in JIRA
2. Setting
3. User Management
4. Users
5. Find the user that I want to change the group for
6. Groups
7. Select "Jira-administrators" in Available Groups and then click "Join selected Groups".
* If you check the user's "Groups" information, he or she has become one of the jira-administrators. An example shortcut are attached as well, i.e. users.jpg.

= = = Troubleshooting = =

1. [Ldap:error code -80090308:ldaperr:dsid-0c0903a9, comment:acceptsecuritycontext error, data 52e, V1DB1]; Nested exception is javax.naming.AuthenticationException: [ldap:error code 49-80090308:LDAPERR:DSID-0C0903A9, Comment : AcceptSecurityContext error, Data 52e, V1DB1] (screenshots attached:ldap Debug Process_screenshot.rar)

　　　　Root cause

The Intern account password have been changed and so the LDAP configuration on JIRA needs to being updated as well (i.e. updat e the password).

Test the connection with new password shows the connection is successful.

The page is then reloaded, and the old password are auto-filled again to the form, leading to the LDAP error after "Sav E and Test ". (The wrong/old password is used)

"Save and Test" button is a available after "Test Connection" button have been pressed, so that I can ' t ' Save and test ' Without "Test Connection".

　　　　Solution

Then according to Dima's suggestion, I played a trick, i.e. re-enter the password after "Test Connection" but before "Save and Test "to ensure, the new password is actually saved.

"An e-mail to Dxxxu"

LDAP users failed to logs in JIRA because of a error "Sorry, an error occurred trying to log you in-please try again." O N Login page. The same error appeared when log in with the same username but wrong password. However, Jira Internal Directory user can still login. So it could is LDAP errors.

Then I logs in with Jira Internal Directory user account and test the connection of LDAP configuration, which reported an E Rror "Connection test failed. Response from the server: [Ldap:error code 49-80090308:LDAPERR:DSID-0C0903A9, comment:acceptsecuritycontext error, D ATA 52e, V1DB1]; Nested exception is javax.naming.AuthenticationException: [ldap:error code 49-80090308:LDAPERR:DSID-0C0903A9, Comment : AcceptSecurityContext error, Data 52e, V1DB1] ".

This error, as explained by Atlassian and Windows, happens when the username are legal but the password or the credential I s invalid. One possible reason is, the password is wrong. However, there could is some other reasons which is hidden by this error.

Changes:

      [1] The company requires Windows Active  Directory users to change their password every three months and  the last change is more than 10 days ago, which i  suppose should not be the reason for this error. We  Haven ' T contact ad administer to confirm what changes they have  made yet.

[2] The password for group\user (used to configure LDAP) have been changed on this Monday. So then I has updated the password in LDAP configuration. Then test the connection and no LDAP error (i.e. connection is successful). Test the connection again gave me the same LDAP error, which looks like the password are not really saved in the database a nd the connection is still using the old password in the LDAP configuration.

I ' ve also tried to add another "Internal with LDAP Authentication" Directory and use the same configuration as the initial One. The same LDAP error was reported.

"An e-mail from Duxxxu"

Most probably you have wrong password, my suggestion would is to follow exactly this steps:

1) Open your AD/LDAP configuration page in Jira for editing (Configure Internal with LDAP authentication User Directo Ry

2) Enter your password

3) Click: "Test Settings"

4) Enter The password again (now has Save button enabled)

5) Click Save and Test button

The reason is, and the entering the first time the password it is correct one, and after testing the settings the Page is reloaded and probably the browser are filling the password field with the wrong one so entering the second time Co Rrect password should solve the problem.

Note:before Following this steps try-to-log in with this user-some remote machine-to-be-sure that the account was not L Ocked.  Usually Siemens account was locked after 3 wrong logins so there be big chances that your account was locked already if you Saved your user with the wrong password.

Ad/ldap Configuration in JIRA