I’m trying to figure out how to stop certain users from being added to Jira during our LDAP sync. We have some LDAP fields like gidNumber and AccountType that I want to use as filters. Is there a way to set up rules so Jira skips over these users during the sync process?
For example, let’s say we want to exclude all users with:
gidNumber greater than 1000
AccountType set to ‘Temporary’
Has anyone done something like this before? Any tips or tricks would be super helpful. I’ve been digging through the Jira docs but haven’t found a clear answer yet.
hey mia, i’ve dealt with this before. you can use the user filters in jira’s directory settings. go to user directories, edit your ldap, and add custom filters. something like:
I’ve been in your shoes, Mia. When we implemented LDAP sync with Jira, we faced similar challenges. One approach that worked well for us was using LDAP query filters directly in Jira’s directory settings.
Navigate to User Directories, edit your LDAP configuration, and look for the ‘User Object Filter’ field. You can input an LDAP query here to exclude specific users. For your case, try something like:
This filter should exclude users with gidNumber >= 1000 or AccountType set to ‘Temporary’. It’s a bit tricky to get right at first, so test thoroughly in a non-production environment.
If you need more complex logic, consider exploring Jira’s API or even developing a custom plugin. But for most cases, LDAP filters should suffice. Good luck with your implementation!
I’ve tackled a similar issue in our organization. While user filters are effective, we found a more robust solution by implementing a custom User Directory Plugin. This approach allowed us to create more complex filtering logic and gave us greater control over the sync process.
We developed a plugin that intercepts the LDAP sync and applies our custom rules. It took some initial setup, but it’s been incredibly flexible for our needs. We can now easily modify exclusion criteria without touching Jira’s core settings.
If you’re comfortable with Java development, this might be worth exploring. It’s especially useful if you anticipate needing to change or expand your filtering rules frequently.