Apps documentation
Active Directory Attributes Sync
Active Directory Attributes Sync
Guides
FAQ
Release notes
Last updated Feb 25, 2021

Update Data post function

Learn how to make changes in your Active Directory right from within Jira

Active Directory Attributes Sync provides an additional post function named Update Data. This post function allows you to perform several actions directly on your LDAP server:

Info
Note

You can use the user picker custom field only with attributes that meet the contains user condition.

Adding post function

Steps

To add the Update Data post function:

  1. Select the workflow you’d like to update and click Edit.
  2. Go to the Diagram view and click on the chosen transition.
  3. Open Post Functions settings from the right-hand side menu.
  4. Click Add post function.
  5. Select Deviniti [Active Directory Attributes Sync] - Update Data post function.
  6. Click Add.
  7. Select the Connection.
  8. Select the Action.
  9. Set necessary parameters for the selected action (see the relevant table in the description of your selected action).
  10. Click Save.
  11. Remember to Publish the changes.

Result

New Update Data post function is added to your workflow.

Info

For more information on using post functions in a workflow, see the official Atlassian documentation.

Comment settings

The post function Update Data can also add comments to issues after every operation on your AD. It shows a confirmation when a change has been made, or errors when the operation hasn’t been executed successfully.

You decide whether the comments should appear in the Customer Portal or only internally. If you wish, you can also turn this function off, so that no comments get generated.

You can set it up while adding the post function to a workflow. Choose one of these three options:

  1. Internal: A comment will only be added to the Jira issue, so if reporters use the Customer Portal they won’t be able to see the comments.
  2. Public: The comment will be visible in Jira but also in the Customer Portal, so the reporters will be able to track the progress of their request.
  3. Disabled: No comments will appear in the comments section - either in the Jira issue view or in the Customer Portal.
Active Directory Attributes Sync for Jira - Update Data: Adding Comments
Active Directory Attributes Sync for Jira - Update Data: Adding Comments

Create user in AD

With the Update Data post function you can create new users in your AD directly from Jira.

Info

Please keep in mind that you can create only one user upon one workflow transition.

Note

When you create a user in AD using this post function, only the following attributes are synchronized:

  • cn
  • displayName
  • mail
  • userpassword
  • login field (if it’s different from cn, for example sAMAccountName)

All other attributes must be updated manually in your AD.

Steps

To create a user in AD:

  1. Add the post function to your workflow.
  2. Select Create user in AD as the Action.
  3. Configure the parameters described in the below table.
Active Directory Attributes Sync for Jira - Update Data: Create user in AD
Active Directory Attributes Sync for Jira - Update Data: Create user in AD

Table: List of parameters for Create user in AD

Parameter Description
Custom field for username Select a custom field to retrieve the username value from.
Custom field for user full name Select a custom field to retrieve the user’s full name value from.
Custom field for user email Select a custom field to retrieve the user’s email address value from.
Custom field for password Select a custom field to retrieve the user’s password value from.
Object classes for user Enter the name of the class used for the LDAP user object.
For more classes, separate them with a comma (,).
Default values: top, person, organizationalPerson, user.
User Base DN Enter the subtree to which the user will be added.
For example: cn=users,dc=example,dc=com.
User Attribute DN Enter the RDN (relative distinguished name) attribute to use in DN (distinguished name) of the user in your LDAP server. This attribute will be used as username when loading the user in Jira. Learn more.
Default value: cn.
Activate account on creation Check this box to make the account instantly active.
Show post-function execution results as a comment Go to the Comment settings for more information.

Result

When an issue passes the selected transition, the chosen custom fields allow for creating a user in AD.

Add user to AD group

This post function mode allows for:

  • adding a user to one AD group
  • adding multiple users to one, or more, AD groups using a User Picker (multiple users)
  • adding users to multiple existing AD groups that can be selected with a Group Picker (multiple groups) or typed in manually in a Text field
  • creating a new AD group and adding users to it in a single step
Note

When typing a list of AD groups into a Text field, separate your entries with a comma (,) or a semicolon (;) with no spaces on either side.

Warning

While using the Add user to AD group action, make sure that the group information is placed in the Connection section. For more information, see Configuring connection settings.

Adding users to existing groups

Steps

To add users to AD groups:

  1. Add the post function to your workflow.
  2. Select Add user to AD group as the Action.
  3. Configure the parameters described in the below table.
Active Directory Attributes Sync for Jira - Update Data: Add user to AD group
Active Directory Attributes Sync for Jira - Update Data: Add user to AD group

Table: List of parameters for Add user to AD group

Parameter Description
Affected user Select a user who will be added to the Active Directory group. It can be Reporter, Assignee, Current user, or User from CF (for example, a User Picker (multiple users) that will allow you to select multiple AD users).
Source value Select the specific Active Directory group to which the user will be added. Choose the Group name option to define the group right in the post function configuration. Select Group from CF to be able to use a custom field, for example a Group Picker (multiple groups).
Create a group that doesn’t exist in AD Check this box to create a new group in AD. Details are described in the section.
Type group name It is visible if only Group name in Source value is selected. Type in the name of a group which exists in your Active Directory.
Show post-function execution results as a comment Go to the Comment settings for more information.

Creating a new AD group

With this post function mode you can also create a new AD group and add users to it at the same time. Here are the necessary configurations steps - you’ll find them explained in the table below:

Active Directory Attributes Sync for Jira - Update Data: Creating a new AD group
Active Directory Attributes Sync for Jira - Update Data: Creating a new AD group
Parameter Description
Object classes for group Default values for Microsoft Active Directory (top,group) are pre-populated. You can adjust them to work with your particular connection.
Additional attributes Default values for Microsoft Active Directory ({"groupType": "2"}) are pre-populated. You can adjust them to work with your particular connection.
Groups Base DN Type in your Group Base DN. In most cases it will be identical to the one that your provided in the details of your connection configuration.

Result

Selected users can be added to selected (or newly created) AD groups.

Adding user from a custom field

There are three Jira fields that you can use to determine which user should be added to a group:

  • Assignee
  • Reporter
  • Current user

If the user you’d like to add doesn’t match any of those, you can use a custom field.

Steps

To add a user from a custom field:

  1. Create a Text Field (single line) custom field.
  2. Type in the word Username as the custom field’s name (or choose a different one that will be easy to find)

    Active Directory Attributes Sync for Jira - Update Data: Add user to AD group from a custom field
    Active Directory Attributes Sync for Jira - Update Data: Add user to AD group from a custom field

  3. Add the post function Deviniti [Active Directory Attributes Sync] - Update Data > Add user to AD group to your project’s workflow.

  4. Select the Username custom field from the drop-down list next to Affected user.

    Active Directory Attributes Sync for Jira - Update Data: Add user to AD group from a custom field
    Active Directory Attributes Sync for Jira - Update Data: Add user to AD group from a custom field

  5. Type in the user’s AD username into the text field on the issue view.

Result

The selected user is added to the chosen AD group.

Tip

To add more users to the group, use the User Picker (multiple users) custom field.

Update user’s attribute in AD

Steps

To update a user’s attribute in AD:

  1. Add the post function to your workflow.
  2. Select Update user’s attribute in AD as the Action.
  3. Configure the parameters described in the below table.
Active Directory Attributes Sync for Jira - Update Data: Update user's attribute in AD
Active Directory Attributes Sync for Jira - Update Data: Update user's attribute in AD

Table: List of parameters for Update user’s attribute in AD

Parameter Description
Affected user Select a user. It can be the Reporter, Assignee, Current user or a chosen custom field.
Field Select a LDAP field containing the value of the user’s attribute in Active Directory.
New value Select a Jira custom field containing a new value for this attribute. You may also choose a static value.
Type attribute value It is visible only when a static value is selected in the New value field. Type in the value which will update selected user’s attribute.
Show post-function execution results as a comment Go to the Comment settings for more information.

Reset user password in AD

Steps

To reset the user’s Active Directory password:

  1. Add the post function to your workflow.
  2. Select Reset user password in AD as the Action.
  3. Configure the parameters described in the below table.
Active Directory Attributes Sync for Jira - Update Data: Reset user password in AD
Active Directory Attributes Sync for Jira - Update Data: Reset user password in AD

Table: List of parameters for Reset user password in AD

Parameter Description
User field Select user whose password should be reset. You can choose one of those: Assignee, Reporter, User Picker (single user), or User Picker (multiple users).
Custom field for new password Select a custom field for the new password (it should be a Text field).
Show post-function execution results as a comment Go to the Comment settings for more information.

Disable/Enable user account in AD

Steps

To disable or enable user’s Active Directory account:

  1. Add the post function to your workflow.
  2. Select Disable/enable user account in AD as the Action.
  3. Configure the parameters described in the below table.
Active Directory Attributes Sync for Jira - Update Data: Disable/enable user account in AD
Active Directory Attributes Sync for Jira - Update Data: Disable/enable user account in AD

Table: List of parameters for Disable/enable user account in AD

Parameter Description
Operation You can choose on of those: Enable User or Disable User.
User field Select field / custom field which contains user. Assignee, Reporter, User Picker (single user), or User Picker (multiple users). It can also be a Text field but it’s necessary to store the userName attribute.
Show post-function execution results as a comment Go to the Comment settings for more information.

Remove user from AD group

Steps

To remove a user from an Active Directory group:

  1. Add the post function to your workflow.
  2. Select Remove user from AD group as the Action.
  3. Configure the parameters described in the below table.
Active Directory Attributes Sync for Jira - Update Data: Remove user from AD group
Active Directory Attributes Sync for Jira - Update Data: Remove user from AD group

Table: List of parameters for Remove user from AD group

Parameter Description
Affected user Select the user who will be removed from the chosen Active Directory group. It can be Reporter, Assignee, Current user, or User from CF (for example, a User Picker (multiple users)).
Source value Select the specific Active Directory group from which the user will be removed. Choose the Group name option to define the group right in the post function configuration. Select Group from CF to be able to use a custom field, for example a Group Picker (multiple groups).
Type group name It is visible only after selecting Group name as the Source value. Type in the name of a group which exists in your Active Directory.
Show post-function execution results as a comment Go to the Comment settings for more information.
Warning

While using the Remove use from AD group action, make sure that the group information is placed in the Connection section. For more information, see Configuring connection settings.

Unlock user account in AD

This operation allows you to unlock an AD account that has been locked, for example after a user provided a wrong password too many times.

Steps

To be able to unlock a user account in Active Directory:

  1. Add the post function to your workflow.
  2. Select Unlock user account in AD as the Action.
  3. Configure the parameters described in the below table.
Active Directory Attributes Sync for Jira - Update Data: Unlock user account in AD
Active Directory Attributes Sync for Jira - Update Data: Unlock user account in AD

Table: Unlock user account in AD

Parameter Description
User field Select the user whose account should be unlocked. It can be Reporter, Assignee, Current user, or User from CF (for example, a User Picker (multiple users)).
Show post-function execution results as a comment Go to the Comment settings for more information.
Note

It’s not possible to lock a user account with this post function. An AD account can be locked only after a certain number of failed login attempts that can be defined in your Active Directory.

Need help?

If you can’t find the answer you need in our documentation, raise a support request. Include as much information as possible to help our support team resolve your issue faster.