Published Date: April 24, 2026
Validated: Yes
Audience: Everyone
Products and Versions Covered:
- Jama Connect® version(s)
- Cloud/CVC: 9.34.x
- Self-hosted: 9.22.x, 9.28.x
Summary
Jama Connect® LDAP authentication expects the Username Attribute field (and other attribute mapping fields such as Email, Full Name, etc.) to contain a single LDAP attribute name (for example, sAMAccountName or userPrincipalName).
If a full LDAP search filter (for example, (&(sAMAccountName={0})(memberOf=CN=...))) is entered into the Username Attribute field, Jama Connect® may fail LDAP authentication and log an error similar to:
org.springframework.ldap.InvalidSearchFilterException: invalid attribute description
Resolution
Jama Connect® does not support configuring a custom LDAP search filter (for example, memberOf=...) as part of the login configuration via the Username Attribute field.
If you need to restrict which directory users can be searched/authenticated, consider these options instead:
- Scope the Base DN so only eligible users are within the searchable directory tree.
- Implement filtering/access control on the directory side (for example, LDAP proxy, Active Directory configuration), so Jama Connect® can only resolve users who meet eligibility criteria.
- Continue using an administrative process where only approved users are added/enabled in Jama Connect®.
An enhancement request to enable filtering by access group has been logged internally as MAIN-EX-1344.
Additional Resources
- Success Programs
- Success Catalog
- Datasheets
- Request a Solution Offering or Training from the Success Catalog
Feedback:
We welcome your input! Please sign in to leave any comments, suggestions, or ideas for improvement below.
Comments
0 comments
Please sign in to leave a comment.