Using Wildcards in LDAP userSearch queries

Related content

  • No related content found

Still need help?

The Atlassian Community is here for you.

Ask the community

Platform notice: Server and Data Center only. This article only applies to Atlassian products on the Server and Data Center platforms.

Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

This article only applies to Bamboo versions below 6.6


Problem

Writing LDAP userSearch queries for multiple Active Directory groups with memberOf filters can quickly become a long string of OR-concatenated filters.

Shortening these should be possible with wildcards *, but this will not work when configured in Bamboo's atlassian-user.xml file.

Cause

Unfortunately, the LDAP services themselves do not support wildcarding of memberOf and other "Distinguished Name" attributes.

From Active Directory: LDAP Syntax Filters - TechNet Articles (TechNet Wiki):

The wildcard character * is allowed, except when the <AD Attribute> is a DN attribute. Examples of DN attributes are distinguishedName, manager, directReports, member, and memberOf.

Resolution

Since the wildcards are not supported, the only solution is to use longer LDAP userSearch queries.


Description

Writing LDAP userSearch queries for multiple Active Directory groups with memberOf filters can quickly become a long string of OR-concatenated filters.

Shortening these should be possible with wildcards *, but this will not work when configured in Bamboo's atlassian-user.xml file.



Last modified on Nov 4, 2019

Was this helpful?

Yes
No
Provide feedback about this article

Related content

  • No related content found
Powered by Confluence and Scroll Viewport.