This page last changed on May 08, 2007 by asridhar.
Before you begin:
Warning: Before proceeding with LDAP integration, please back up your data.

Bamboo at this stage can be integrated with LDAP. This functionality is limited to authenticating and authorisation of users. Bamboo does not let users manage/administer LDAP accounts or user groups.

However, Bamboo will continue to use locally created users, even when LDAP is enabled. This means that locally created users and groups can still be managed via Bamboo.

Also, note that Bamboo does not support multiple LDAP servers. Once LDAP has been enabled on Bamboo, you cannot revert back to a local user management in Bamboo.

Stage 1 - Configure Connection Details

The LDAP server connection is specified by manually editing the file atlassian-user.xml.

  1. Edit the file .../webapp/WEB-INF/classes/atlassian-user.xml and configure the connection AD or LDAP
  2. Check your configuration against the example connection details shown below.
    <ldap key="ldapRepository" name="LDAP Repository@hecate.atlassian.com" cache="true">
        <host>hecate.atlassian.com</host>
        <port>389</port>
        <securityPrincipal>cn=admin,dc=atlassian,dc=private</securityPrincipal>
        <securityCredential>secret</securityCredential>
        <securityProtocol>plain</securityProtocol>
        <securityAuthentication>simple</securityAuthentication>
        <baseContext>dc=atlassian,dc=private</baseContext>
    
    ....
  3. Please ensure that the following line is also active in your atlassian-user.xml (it should be there by default):
    <hibernate name="Hibernate Repository" key="hibernateRepository"  description="Hibernate Repository" />

Stage 2 - Map LDAP Data Tree

  1. To configure the mappings in atlassian-user.xml for either AD or LDAP, please see:
  2. Check your configuration against the example connection details shown below.
    ...
    
        <baseUserNamespace>dc=staff,dc=perftest,dc=atlassian,dc=private</baseUserNamespace>
        <baseGroupNamespace>dc=groups,dc=perftest,dc=atlassian,dc=private</baseGroupNamespace>
        <usernameAttribute>cn</usernameAttribute>
        <userSearchFilter>(objectClass=inetorgperson)</userSearchFilter>
        <firstnameAttribute>givenname</firstnameAttribute>
        <surnameAttribute>sn</surnameAttribute>
        <emailAttribute>mail</emailAttribute>
        <groupnameAttribute>cn</groupnameAttribute>
        <groupSearchFilter>(objectClass=groupOfNames)</groupSearchFilter>
        <membershipAttribute>member</membershipAttribute>
    </ldap>

Stage 3 - Optional LDAP Settings

The following settings do not appear in the default atlassian-user.xml file:

<poolingOn>true</poolingOn>
<maxSize>0</maxSize>
<initSize>10</initSize>
<prefSize>10</prefSize>
<debugLevel>none</debugLevel>
<securityProtocol>plain ssl</securityProtocol>
<authentication>simple</authentication>
<timeout>0</timeout>
<initialContextFactory>com.sun.jndi.ldap.LdapCtxFactory</initialContextFactory>
<batchSize>100</batchSize>
<timeToLive>0</timeToLive>
<userSearchAllDepths>true</userSearchAllDepths>
<groupSearchAllDepths>true</groupSearchAllDepths>


However, if you want to override the default values listed above, you can add the value onto the end like so:

...
    <groupnameAttribute>cn</groupnameAttribute>
    <groupSearchFilter>(objectClass=groupOfNames)</groupSearchFilter>
    <membershipAttribute>member</membershipAttribute>
    <initSize>20</initSize>
</ldap>

It is important that the connection pool timeout value be set to 0, as this will force Atlassian User (via the JNDI layer) to clean up lingering connections that have lived past one request. For more information about LDAP pools please see http://java.sun.com/products/jndi/tutorial/ldap/connect/config.html.

Stage 4 - Assigning LDAP Users to Bamboo Groups

Once Bamboo is started with LDAP enabled, you can assign LDAP users to Bamboo groups. Please see Adding Users to and removing them from Groups.


RELATED TOPICS





Bamboo Documentation Home









Document generated by Confluence on May 08, 2007 23:47