How to connect FishEye to Active Directory or another LDAP server

You use Active Directory (AD) for managing your users and you would like to connect FishEye to AD to authenticate users. For many administrators this can be confusing because AD tries to hide the complexities of LDAP from the user.

1. Download and install Apache Directory Studio.
2. Once installed Apache Directory Studio go into File -> New -> LDAP Connection and follow the wizard. The details you enter in step 2 will be the inital bind user / password for FishEye.
   
   
   
   
3. Now we have a connection to AD. Browse to the location where your users are stored. In my case its under CN=Users,DC=test2,DC=local. Here I select a user Administrator. At the very top we see the DN. This is how we identify the users.
   
   In this instance the DN is CN=Administrator,CN=Users,DC=test2,DC=local, so the Base DN for FishEye would be CN=Users,DC=test2,DC=local. CN=Administator identifies the user, so the user filter would be (CN=${USERNAME}).

   For Active Directory: Windows logins use sAMAccountName as the login username, so it is more correct to use (sAMAccountName=${USERNAME}) as the User ID filter if you want to match the FishEye/Crucible logins to Windows logins.

4. For the UID attribute, email attribute and the display name attribute, I can get that information from the right hand pane above. In my case UID attribute is cn, the email attribute is mail and the display name attribute is displayName.
5. With all that information we are now ready to connect FishEye to AD. To summarise we have:
   

   LDAP URL	ldap://w2003domain.sydney.atlassian.com:389
   ベース DN	CN=Users,DC=test2,DC=local
   User Filter	(CN=${USERNAME})
   UID Attribute	cn
   Email Attribute	メール
   Display Name Attribute	displayName
   Initial Bind user	Administrator
   Initial bind password	パスワード

6. Placing that information into FishEye:
   
   

Useful References

• LDAP authentication
• http://www.computerperformance.co.uk/Logon/LDAP_attributes_active_directory.htm