connect to crowd with ldap client

Posted by

I have tried to access Atlassian Crowd via a LDAP interface. Currently atlassian does not offer such a interface. The reason why I have tried to use the LDAP interface is that a lot of software products offer authentication against a LDAP backend.

Crowd offers only CrwodID for external access which is the obsolete OpenID 2.0. Currently no other external connection is possible. I have contacted Atlassian and asked if there is a plan when they will support the current active OpenID Connect standard. As usual for such companies they just answered we work on it not ETA.

Well because I needed another interface then the old OpenID I search and found this repo.


Now I have a way to go ;-). It’s just a read-only way but better then no way.

I cloned this repo and created a .gitlab-ci.yml to get a runnable jar file. At this point I say thank you gitlab for your excellent framework.

The rest is like follow the doc about Integrating Crowd with a Custom Application and the crowd-ldap-server wiki.

You can use the systemd to run the created jar file as daemon.

I strongly suggest to use a own user to run the app!

useradd -m crowd

You can use this file as a start for your own service file

cat /lib/systemd/system/crowd-ldap-server.service
Description=LDAP Server for Crowd



This is the

cat /home/crowd/app/crowd-ldap-server/

cd /home/crowd/app/crowd-ldap-server


# Apache DS Settings

# SSL Debugging

# Run Server
java $FIXADS $DEBUG_SSL -cp etc -jar $JAR $*

You will need a file before you can use the LDAP Server.

cat /home/crowd/app/crowd-ldap-server/etc/                        crowd-ldap-server
application.password                    <PASSWORD_FROM_CROWD_APPLICATON>
application.login.url                   https://<YOUR_DOMAIN>/crowd/console/

crowd.server.url                        https://<YOUR_DOMAIN>/crowd/services/

session.isauthenticated                 session.isauthenticated
session.tokenkey                        session.tokenkey
session.validationinterval              2
session.lastvalidation                  session.lastvalidation

Now execute the file and see if you are able to connect to crowd.

You can run a simple curl command to get all the users.

curl -v -u "dn=YOUR_CROWD_LOGIN,ou=users,dc=crowd" \

You can now run the crowd-ldap-server as a daemon with the systemd. The logs are in the syslog channel.

journalctl -fl -u crowd-ldap-server

You can also hire me for this or any further topics.

Kommentar verfassen

Trage deine Daten unten ein oder klicke ein Icon um dich einzuloggen:

Du kommentierst mit Deinem Abmelden / Ändern )


Du kommentierst mit Deinem Twitter-Konto. Abmelden / Ändern )


Du kommentierst mit Deinem Facebook-Konto. Abmelden / Ändern )

Google+ Foto

Du kommentierst mit Deinem Google+-Konto. Abmelden / Ändern )

Verbinde mit %s