Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-21831

Duplicate LDAP user gets counted towards the license even when they do not have a can use permission

    XMLWordPrintable

Details

    Description

      When there is a duplicate user scenario in both local user management and LDAP, where the local user has a can use permission and the LDAP one does not, the duplicate user will be counted towards the license.

      The expected behaviour is that it should not. If we follow this doc it says that users with a can use permission (or belong to a group that has that) will be counted towards the license - but from the admin perspective, the LDAP user management should prevail over the duplicated local user.

      Discrepancies observed:

      • In viewuser.action panel, Confluence reports the user as "This user isn't in any groups."
      • But if we go to domembersofgroupsearch.action?membersOfGroupTerm=groupnameWithACanUsePermission panel, we will see the local user there.

      Attachments

        Issue Links

          is blocked by

          Bug - A problem which impairs or prevents the functions of the product. CONFSERVER-5729 getUsersWithConfluenceAccess() is very slow

          • Medium - Medium priority issues
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. CONFSERVER-21832 Find a way of finding and purging all shadowed users from Confluence

          • Medium - Medium priority issues
          • Closed

          Activity

            People

              matt@atlassian.com Matt Ryall
              rhartono Roy Hartono [Atlassian]
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: