NOTE: LDAP/Active Directory authentication is only available for FogBugz for Your Server. See using SAML for FogBugz On Site.

Enabling LDAP/Active Directory Authentication

If you are using FogBugz On Site, please see this article about configuring SAML. To enable LDAP or Active Directory authentication, navigate to Admin > Site Configuration > Authentication and select your desired Log On Method.

To see the exact fields FogBugz matches with your LDAP/AD server, see this article.

LDAP / Active Directory Authentication

FogBugz checks users’ passwords against an LDAP directory, such as Windows Active Directory or any other LDAP server. This allows users to use the same password to log on to FogBugz as they use for other purposes such as logging on to their workstation or email.

User accounts must still exist in FogBugz, identified by name and email address. When a user logs in, FogBugz checks that the user exists in the FogBugz database, and then checks the password against the matching name and email in the LDAP server. If you have existing accounts in FogBugz and you want to switch to LDAP, be sure that the names and email addresses in FogBugz exactly match the name and email info on the LDAP server.

Checking Allow LDAP to create new accounts automatically allows any user with a valid LDAP account to log on to FogBugz. The first time they log on, a FogBugz account is created for them. This is an easy way to get large teams setup with access to FogBugz. An administrator can later set individuals permissions via groups.

If you don’t check Allow LDAP to create new accounts automatically, you must manually create new users in FogBugz. Make sure their full name and email address match exactly with the name and email info on the LDAP server. Those users will then be able to log on with their LDAP password.

LDAP Authentication is not available with FogBugz On Demand.

New User Control

Normally only administrators can create FogBugz accounts. This setting determines if anybody can create an account.

If set to “Anybody can create a community account”, this will permit anyone who can access the FogBugz URL to create a community user. These users can only access designated wikis and discussion groups and do not use a license. New community users created in this way initially do not have read or write permissions in any groups. They will have access to any wiki or discussion group which is open to all community users. This option is only present if the Community Users feature is enabled (see blow).

Setting this to “Anybody can create a normal account” you will allow anyone who can access the FogBugz URL to make their own normal user account. Normal users do use licenses so generally this option is only used when your FogBugz server is secure inside a firewall and you have a large number of potential users in your organization. New normal users created in this way initially do not have read or write permissions in any groups and must be added explicitly by an administrator. If you are using LDAP Authentication, this option is not present. Instead, check the box Allow LDAP to create new accounts automatically.

Community Users

Allows community users to register to access wikis and discussion groups. Community users cannot use LDAP authentication. Even if normal users are set up for LDAP, community users will still use FogBugz Authentication.