You can configure Stash to use an LDAP directory for delegated user authentication while still using Stash for user and group management. You can either create new user accounts manually in the LDAP directory, or use the option to automatically create a user account when the user attempts to log in, as described in the Copy users on login section below. See also this information about deleting users and groups in Stash. To connect Stash to an LDAP directory for delegated authentication: - Log in to Stash as a user with 'Admin' permission.
- Go to the Stash administration area and click User Directories (under 'Accounts').
- Click Add Directory and select Internal with LDAP Authentication as the directory type.
- Configure the directory settings, as described in the tables below.
- Save the directory settings.
- Define the directory order by clicking the arrows for each directory on the 'User Directories' screen. The directory order has the following effects:
- ディレクトリの順序は、ユーザーおよびグループの検索順序です。
- ユーザーおよびグループへの変更は、アプリケーションが変更権限を持つ最初のディレクトリに対してのみ行われます。
Connecting Atlassian Stash to your external directory is not sufficient to allow your users to log in to Stash. You must explicitly grant them access to Stash in the global permission screen. We recommend that you use groups instead of individual accounts when granting permissions. However, be careful not to add more users to those groups that your Stash license allows. If the license limit is exceeded, your developers will not be able to push commits to repositories, and Stash will display a warning banner. See this FAQ. |
|
このページの内容 
|
|
|
サーバー設定
Manually creating users
Move the delegated authentication directory to the top of the User Directories list and create the user manually (go to Administration > Users > Create user). Using this manual method you must currently create a temporary password when creating users. There is an improvement request to address this: 
If you intend to change the authentication directory of your users from Stash Internal Directory to Delegated LDAP Authentication you must select the option to "Copy User on Login" since you can't create a new user that has the same username as another user in another directory. |
Copying users on login
The settings described in the table below relate to when a user attempts to authenticate with Stash. This authentication attempt can occur either:
- when using the Stash login screen.
- when issuing a Git clone or push command at the command line, for a repository managed by Stash.
LDAP schema
高度な設定
ユーザー スキーマ設定
注:このセクションは、ログイン時のユーザーのコピーが有効な場合のみ表示されます。
グループ スキーマ設定
Note: this section is only visible when both Copy User on Login and Synchronise Group Memberships are enabled.
メンバーシップ スキーマ設定
Note: this section is only visible when both Copy User on Login and Synchronise Group Memberships are enabled.
