Confluence is a team collaboration and administration tool made by Atlassian. It supports using LDAP as an authentication mechanism into its interface. General instructions for setting up LDAP can be found here:
Detailed instructions on how to use Foxpass's LDAP with Confluence are below.
Note your Base DN on the dashboard page and mark it down.
Create an LDAP Binder account with the name 'confluence' (or another easily identifiable name) on the LDAP binders page. Copy the generated password immediately; it is only displayed once.
Also make a note of the binder's CN (e.g. cn=confluence,dc=≪example≫,dc=≪com≫).
- Click the cog icon, then choose General Configuration
- Click User Directories in the left-hand panel
- Add a directory and select LDAP type
- Next, configure the server settings as outlined below, inserting your own information where marked by the double arrows
Name: Foxpass LDAP
Directory Type: OpenLDAP
Password: ≪binder password≫
Base DN: dc=≪example≫,dc=≪com≫
Additional User DN: ou=people
Additional Group DN: ou=groups
If you'd like to create additional local Confluence groups in addition to the ones in Foxpass, choose Read Only, with Local Groups. Otherwise, select Read Only to use Foxpass as your sole source of truth. Further information can be found in Atlassian's documentation.
Secure SSL: Checked (automatically checked via port 636 configuration)
Enable Nested Groups: Unchecked
Use Paged Results: Unchecked
Follow Referrals: Unchecked
Naive DN Matching: Checked
Update group memberships: Every time user logs in
Synchronisation Interval (minutes): 30
Read Timeout (seconds): 120
Search Timeout (seconds): 60
Connection Timeout (seconds): 10
User Object Class: inetOrgPerson
User Object Filter: (objectclass=inetOrgPerson)
(Optional) Alternative: (objectclass=posixAccount) (this will filter out standard users)
User Name Attribute: uid
User Name RDN Attribute: cn
User First Name Attribute: gn
User Last Name Attribute: sn
User Display Name Attribute: cn
User Email Attribute: mail
User Password Attribute: userPassword
User Password Encryption: ssha
User Unique ID Attribute: entryUUID
Group Object Class: groupOfNames
Group Object Filter: (objectClass=groupOfNames)
(Optional) Alternative: (objectclass=posixGroup) (this will filter out non-posix groups)
Group Name Attribute: cn
Group Description Attribute: description
Group Members Attribute: member
User Membership Attribute: memberOf
Use the User Membership Attribute: Checked
After that you're good to go!
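To check the binder credentials, search bases and object filters from the command line before relying on Confluence's sync, the following added example (not part of the original instructions or of Foxpass's or Atlassian's tooling) uses the OpenLDAP `ldapsearch` client. `LDAP_URI` and `BINDER_PW_FILE` are assumed environment variables; the server hostname is not given on this page, and the example DNs are placeholders.

```shell
#!/bin/sh
# Pre-flight check for the directory settings above (added example).
# Placeholder values: replace with your own Base DN and binder DN.
BASE_DN="${BASE_DN:-dc=example,dc=com}"
BINDER_DN="${BINDER_DN:-cn=confluence,dc=example,dc=com}"
USER_FILTER='(objectclass=inetOrgPerson)'
GROUP_FILTER='(objectClass=groupOfNames)'

# Effective search base = "Additional User/Group DN" prepended to the Base DN.
search_base() {  # $1 = additional DN (may be empty), $2 = base DN
  if [ -n "$1" ]; then printf '%s,%s\n' "$1" "$2"; else printf '%s\n' "$2"; fi
}

# Lower-case and strip spaces so DNs can be compared as plain strings.
normalize_dn() { printf '%s' "$1" | tr '[:upper:]' '[:lower:]' | tr -d ' '; }

# On this page the binder DN sits under the Base DN; catch copy/paste mismatches.
binder_in_base() {  # $1 = binder DN, $2 = base DN
  b=$(normalize_dn "$1"); base=$(normalize_dn "$2")
  case "$b" in *,"$base") return 0 ;; *) return 1 ;; esac
}

# Only ldaps:// matches the "Secure SSL: Checked" / port 636 setting.
uri_is_ldaps() { case "$1" in ldaps://*) return 0 ;; *) return 1 ;; esac; }

# One bounded search as the binder. The password is read from a file
# (no trailing newline) so it never appears in the process list.
# -l 60 mirrors "Search Timeout (seconds): 60"; -z 5 caps returned entries.
probe() {  # $1 = search base, $2 = filter, remaining args = attributes
  base=$1; filter=$2; shift 2
  LDAPTLS_REQCERT=demand ldapsearch -x -LLL -H "$LDAP_URI" -D "$BINDER_DN" \
    -y "$BINDER_PW_FILE" -b "$base" -z 5 -l 60 "$filter" "$@"
}

# Live checks run only when LDAP_URI and BINDER_PW_FILE are provided.
if [ -n "${LDAP_URI:-}" ] && [ -n "${BINDER_PW_FILE:-}" ]; then
  uri_is_ldaps "$LDAP_URI" || { echo "refusing non-TLS URI" >&2; exit 1; }
  binder_in_base "$BINDER_DN" "$BASE_DN" || { echo "binder outside Base DN" >&2; exit 1; }
  probe "$(search_base ou=people "$BASE_DN")" "$USER_FILTER" uid cn gn sn mail entryUUID
  probe "$(search_base ou=groups "$BASE_DN")" "$GROUP_FILTER" cn description member
fi
```

If the user probe returns entries without `uid`, `mail` or `entryUUID`, fix the attribute mapping or the filter before saving the directory in Confluence. With more than five matching entries `ldapsearch` reports a size-limit exit status, which is expected here.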
Updated almost 4 years ago