Garbage in, garbage out

The adage is pretty widely known, but every once in a while the realization creeps up on me that my input is occasionally of the type that should be gently placed in the recycle bin and carried to the curb.

I now have Confluence bound to our active directory, and following that accomplishment I got it to automatically stick users into the confluence-users group when they log in. I was pretty excited that it pulled all the usernames over and is syncing live with the LDAP, but I hadn’t gotten groups figured out until a guy from Enterprise Systems (a different group in my department–I’m in User Support) dropped in. He’s been helping me understand LDAP better and I’ve been bouncing ideas off him, so when I mentioned the groups issue (where I wanted Confluence to pull Groups/Roles from our AD so we can manage it from our standard account management system), he asked about how I had it set up and to what container I was pointing Confluence. Something he said sparked a realization and I changed one small tag (two letters, in fact) which fixed Confluence. It’s now pulling the groups I wanted it to pull.

I simply hadn’t given it the right parameters, and while I wish something could “Just Work,” that’s never actually the case. So now, both users and their groups are pulling from the AD. It’s not set up correctly on the AD for Confluence (I’m pulling the groups associated with our current “Common” folders, which are often used for shared documents, so it seemed like a good idea at the time), but it’s a fantastic proof of concept and it wouldn’t be hard to create a new locker with groups structured just for Confluence, should we decide to buy the software.

I’m just excited that it works. It has certainly been a frustrating process, but learning AD binding, how to search for and run queries against an LDAP server, and how to structure all this stuff has been a really valuable experience. I should probably spend some time tomorrow documenting how I got it to work so I have some point of reference for the next time this comes around (hopefully soon, if we buy Confluence).

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s