Best Practice for managing OpenLDAP directory

お困りですか?

アトラシアン コミュニティをご利用ください。

コミュニティに質問

プラットフォームについて: Cloud および Data Center - この記事はクラウドと Data Center 両方のプラットフォームに等しく適用されます。

Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Fisheye および Crucible は除く

Overview heading

This best practice guide is for those who are connecting Confluence with OpenLDAP user directory.

#1. Make sure that group membership contains the full DN of the user

For groups, make sure that the members of a groups are defined by their FQDN instead of their DN. For example, the following group "cn=users" contains 3 members defined by their DNs, which may pose some problems when connecting into Confluence:

example of BAD group LDIF
---------
dn: cn=users,ou=groups,dc=mycompany,dc=com
objectClass: posixGroup
cn: users
gidNumber: 10000
description:: almost everyone
memberUid: john
memberUid: stephen
memberUid: wayne
---


Instead, make sure that the members are defined by their FQDN as per example below:

example of GOOD group LDIF
---------
dn: cn=users,ou=groups,dc=mycompany,dc=com
objectClass: posixGroup
cn: users
gidNumber: 10000
description:: almost everyone
memberUid: uid=john,ou=people,dc=mycompany,dc=com
memberUid: uid=stephen,ou=people,dc=mycompany,dc=com
memberUid: uid=wayne,ou=people,dc=mycompany,dc=com
---

(info) OpenLDAP connector accepts group entries in the format of FQDN, while the OpenLDAP-Posix (Read Only) connection accepts group entries in the format of DN.

最終更新日: 2025 年 1 月 6 日

この内容はお役に立ちましたか?

はい
いいえ
この記事についてのフィードバックを送信する
Powered by Confluence and Scroll Viewport.