Groups and Users maintained in Microsoft Windows Active Directory are not properly being added to JIRA

Platform Notice: Cloud and Data Center - This article applies equally to both cloud and data center platforms.

Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Symptoms

Groups and Users maintained in Active Directory are not being properly synchronized into JIRA.

Cause

There are 3 known possible causes.

  1. There are Group names that contain special characters such as & (Ampersand), _ (Underscore), Umlaut such as å/Å, ä/Ä and ö/Ö in the AD

  2. Membership in Active Directory seems to be missing for some groups. Usually the "member" attribute is used for this.

  3. Duplication of groups in JIRA internal directory and Active Directory

Resolution

Each of the causes above have their respective resolution

  1. Remove these groups from the synchronization.

    1. This can be done with an LDAP filter

    2. Rename the groups in the AD itself

  2. Check the membership in Active Directory whether the member attribute in the group was missing

  3. Avoid using the same duplicate group names in both Active Directory and JIRA internal directory which will cause membership issues later on

Updated on April 8, 2025
Platform
Cloud and Data Center
Products
Jira Software Cloud
Jira Software Data Center
On this pageSymptomsCauseResolution

Still need help?

The Atlassian Community is here for you.
Ask the Community