View Source

LDAP integration lets you use user credentials stored in your directory service to log into YouTrack. Please note, that LDAP integration does not download all users from LDAP after setup. A new YouTrack user account is created for a user upon the first login to YouTrack.

{panel}(!) Please note, that [*'User registration'*|Managing Basic Settings#User Settings] option in the *Administration > Settings* should be enabled in order to create new user accounts for LDAP credentials.{panel}


This integration feature is bundled in YouTrack and is configured in the *Administration* area of your installation:
!adminLdapIntegration.png|thumbnail!



h2. Configuring LDAP Integration

*To enable LDAP integration:*
# In the *LDAP Integration* tab, click *Enable LDAP Integration*.
# Enter the URL of your LDAP server.
# To make sure that the connection with your LDAP server works:
## Click *Test connection*.
## In the *Test LDAP Login* dialog box, enter a pair of user credentials stored in your directory service:
*** {{domain\username}} in the *Login* field.
*** {{password}} in the *Password* field.
## Click *Test Login*.
## If an error message if displayed, check your user credentials and/or server URL.
## Click *Done* to close the *Test LDAP Login* dialog box.
# To open *Advanced options* click an arrow to expand advanced options pane.
# If needed specify transformation pattern, which will be applied to a trimmed login name (login name with removed prefix before slash; for example, {{smith}} as a trimmed user login name for {{WORKGROUP/smith}} full user name) entered by a user. User-entered login name can be referenced as {{$login$}}. By default, no transformation is applied. Transformation pattern sample: {{UID=$login$,DC=example,DC=com}}.
# If needed, specify pattern for search query searching a user by a specific login name. By default, the following pattern is used: {{(aAMAccountName=$login$)}}. {note:title=Important note}Please note that parentheses are necessary in Query pattern: enter {{(uid=$login$)}} instead of {{uid=$login$}} . {note}


h4. Sample Configuration

Here is an example of configuration settings for LDAP integration:

{code}
URL: ldap://server:389/dc=company,dc=com
Transform: uid=$login$,ou=People,dc=company,dc=com
Query: (uid=$login$)
{code}



In the administration web UI the above configuration looks like this:
!adminLdapIntegrationEg.png|thumbnail!