Our organization uses JIRA for tracking facility and IT tickets from employees. We have LDAP authentication set up for password verification. Currently I need to manually create each new JIRA account when someone joins the team. Is there a way to build an automated process that scans our LDAP directory and creates corresponding JIRA accounts for new users? Looking for guidance on implementation approaches.
We did this two years ago and it’s been solid. Skip building custom stuff - just use JIRA’s built-in LDAP sync. It connects directly to your LDAP server and auto-creates accounts based on group membership or OU filters. The trick is mapping LDAP fields to JIRA user properties correctly. We run it every few hours during business days to catch new hires fast. Watch out for deactivation though - make sure it disables accounts when people leave active LDAP groups. Took some tweaking upfront but now it runs itself and saves tons of admin work.
JIRA User Server integration is what you want. I set this up about 18 months ago and it handles both authentication and user provisioning automatically. You’ll configure the LDAP directory in JIRA’s User Management section, then enable automatic user creation on login. The key difference from sync jobs? Accounts get created the first time someone logs in - no waiting for batch processes. Make sure your LDAP schema has email addresses and display names mapped properly. One gotcha we hit: permission schemes. New auto-created users won’t have project access until you assign them to groups, so plan your default group assignments ahead of time.
if ur using the latest jira, definitely check out the REST API! we went that route and it let us customize user groups better. runs every night with cron and handles 500 users fine. way more flexible than just the built in sync.