Uploaded image for project: 'Atlassian Guard'
  1. Atlassian Guard
  2. ACCESS-2449

Provisioned User's membership is not updating on Atlassian

XMLWordPrintable

      Issue Summary

      When a user account is deleted or removed from Azure Active Directory (Azure AD) and subsequently removed from the dynamic group used for provisioning to Atlassian, the change is not properly reflected in Atlassian. Although the user is deactivated, their group memberships in Atlassian persist.

      Steps to Reproduce

      1. A new user is added to a dynamic group in Azure AD, which is configured for user provisioning to Atlassian.
      2. Provisioning runs, and the user appears in Atlassian with the appropriate group memberships.
      3. Later, the user leaves the organization and is: Deactivated in Azure AD.
        Automatically removed from the dynamic group.
      4. Azure AD provisioning runs again via the Enterprise App, excluding the user who was previously a member.
      5. In Atlassian: The user is deactivated.

      However, group memberships remain unchanged.

      Expected results:

      • The user is deactivated in Atlassian 
      • User's group membership should be updated

      Actual results:

      • The user is deactivated in Atlassian.
      • However, the user's membership to provisioned groups is not removed, leading to potential permission or access inconsistencies.

              2276519a4667 Ryan Van
              49f44d16b06e Himanshu Jadon
              Votes:
              2 Vote for this issue
              Watchers:
              11 Start watching this issue

                Created:
                Updated: