Details
-
Bug
-
Resolution: Fixed
-
Medium
-
3.5, 3.5.1, 3.5.7
-
None
Description
For some purposes (e.g. to only retrieve users entities from LDAP), one can leave the "Additional Group DN" field empty. However, accidental input is impossible to roll back.
Steps to reproduce:
- Create an LDAP directory in Confluence User Directories
- Fill in all the required fields
- Input some values to "Additional User DN" or "Additional Group DN" field
- Save
- Edit the user directory
- Empty the field set in step 3
- Save
Results:
Values in the Additional User DN or Additional Group DN field still persists
Workarounds:
Update the value manually in the database:
Please do backup your database beforehand:
//Note the ID of the User Directory needs to be updated select * from cwd_directory; //This is to update 'Additional User DN' update cwd_directory_attribute set attribute_value='insert new value here' where attribute_name='ldap.user.dn' AND directory_id='ID_from_the_above'; //This is to update 'Additional Group DN' update cwd_directory_attribute set attribute_value='insert new value here' where attribute_name='ldap.group.dn' AND directory_id='ID_from_the_above';
Possible scenarios:
Upgrade from pre-3.5 will auto-create and auto-fill an LDAP directory. This will also auto-fill the "Additional Group DN" field even though the intention is to retrieve user entities only (i.e. no group retrieval).
Attachments
Issue Links
- is duplicated by
-
CONFSERVER-22703 User Directory update caused System Error when using Oracle
- Closed
- relates to
-
CONFSERVER-35570 unable to input values in "Additional User DN" or "Additonal Group DN"
- Closed