Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-22296

Provide an option to select user directory on adding users

    • 5
    • 31
    • We collect Confluence feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion.

      Atlassian status as of October 26, 2018

      I’m excited to let you know that the latest release of Crowd Data Center features the ability for you to delegate user admin management to space admins, with the ‘delegated group level admin’ feature.

      For those of you who aren’t familiar with Crowd Data Center, it offers one place to manage your users, groups and directories and easily integrate your identity infrastructure across all self-hosted Atlassian products

      I’m leaving this suggestion open, as I appreciate that this only provides a solution to those of you who currently have, or are considering investing in Crowd. However, to set expectations, this isn’t something we’re currently planning on working on within Confluence Server.

      Best
      Jenny | Senior Product Manager, Confluence Server

      It would be good if there is an option for an admin to select which user directory the new user should be added into on adding new user.

      Possible scenarios
      • Adding a new user to INTERNAL (or any non-first) directory is not possible if DELEGATING directory is the first in user directories list.
      • Adding a new user to multiple user directories is not possible. Perhaps an admin wanted to have few users added to DELEGATING and INTERNAL directory. Reason could be that when LDAP is down/inaccessible, these users still can login using their INTERNAL passwords.
      Workaround

      Confluence Admin can swap the order of User Directories since currently in Confluence, the new user will get created in the first directory with write access rights listed in User Directories.

      Further finding

      JIRA has done this well, see JRA-23933. In JIRA, a dropdown option now will appear once there is an INTERNAL and at least one DELEGATING directory:

            [CONFSERVER-22296] Provide an option to select user directory on adding users

            Atlassian Update – 06 February 2025

            Hi everyone,

            Thanks for your interest in this suggestion! In Confluence 9.3.1, we’ve added an option that lets admins choose the user directory where a new user will be added during the user creation process.

            I’ve set up separate suggestions (CONFSERVER-99159 and CONFSERVER-99158) to track requests for the option to select the user directory when editing or deleting a user.

            While we don’t have a specific timeframe for these suggestions yet, we’ll keep you informed of any updates.

            Kind regards,

            Jacqueline Bietz

            Product Manager - Confluence Data Center

            Jacqueline Bietz added a comment - Atlassian Update – 06 February 2025 Hi everyone, Thanks for your interest in this suggestion! In Confluence 9.3.1, we’ve added an option that lets admins choose the user directory where a new user will be added during the user creation process. I’ve set up separate suggestions ( CONFSERVER-99159 and CONFSERVER-99158 ) to track requests for the option to select the user directory when editing or deleting a user. While we don’t have a specific timeframe for these suggestions yet, we’ll keep you informed of any updates. Kind regards, Jacqueline Bietz Product Manager - Confluence Data Center

            A fix for this issue is available in Confluence Server and Data Center 9.3.1. Upgrade now or check out the Release Notes to see what other issues are resolved.

            Akshay Kumar added a comment - A fix for this issue is available in Confluence Server and Data Center 9.3.1. Upgrade now or check out the Release Notes to see what other issues are resolved.

            I'm totally blown up that the functionnality doesn't exist yet

            Laurent Delplanque added a comment - I'm totally blown up that the functionnality doesn't exist yet

            Ingo Mohr added a comment - - edited

            Selecting the user directory should work the same as for Jira Server where you have a drop-down box to select the user dir. 

            In Confluence - atm , you have to go all the way back (if you forgot to update the directories order), delete the user, change the user dir order and then create the account again.

            We should be able to do better.  

            Ingo Mohr added a comment - - edited Selecting the user directory should work the same as for Jira Server where you have a drop-down box to select the user dir.  In Confluence - atm , you have to go all the way back (if you forgot to update the directories order), delete the user, change the user dir order and then create the account again. We should be able to do better.  

            If we swap the user directories, the user registered in the old order will still be in the db and if we try to pull a report of user list, it will have multiple rows for the same user from multiple ADs. Is there a better way to pull the user list for only the last authenticated user directories?

            Thanks,
            Dani.

            Dani Chakiath Varghese added a comment - If we swap the user directories, the user registered in the old order will still be in the db and if we try to pull a report of user list, it will have multiple rows for the same user from multiple ADs. Is there a better way to pull the user list for only the last authenticated user directories? Thanks, Dani.

            Adding my voice to this: please make it easy to choose between 'local' and 'directory' authentication for a user, given that if the latter is selected, the username matches a user attribute from the directory. This is present in JIRA, so get someone to port the feature across to remove this inconsistency between products and improve functionality.

            -R

            Richard Green added a comment - Adding my voice to this: please make it easy to choose between 'local' and 'directory' authentication for a user, given that if the latter is selected, the username matches a user attribute from the directory. This is present in JIRA, so get someone to port the feature across to remove this inconsistency between products and improve functionality. -R

            Wow. A five year old bug that's solved in another one of your products? That's crazy. I mean.. we can't add users. That's BIG.

            Owen Manske added a comment - Wow. A five year old bug that's solved in another one of your products? That's crazy. I mean.. we can't add users. That's BIG.

            Please provide a solution for this. Something like https://jira.atlassian.com/browse/JRA-23933 would be great.

            Andreas von Euw added a comment - Please provide a solution for this. Something like https://jira.atlassian.com/browse/JRA-23933 would be great.

            Same issue and this should be considered a show stopper IMO when it comes to security with the product. Not being able to monitor who is gaining access to the dashboard is a problem with the copy user at login. We need to be able to assign directories as admins so we can keep an eye on who is gaining access and at what level.

            Gregory Hicks added a comment - Same issue and this should be considered a show stopper IMO when it comes to security with the product. Not being able to monitor who is gaining access to the dashboard is a problem with the copy user at login. We need to be able to assign directories as admins so we can keep an eye on who is gaining access and at what level.

            I just disabled the "Copy User on Login" setting for our two directories because it was resulting in some undesirable changes being re-written from the directories when users logged in. However, this action puts me squarely in the situation that this ticket describes - that Confluence doesn't actually allow me to add users from different directories (2 LDAP directories and the internal directory for my setup).

            Note that when using the workaround specified in the description and selecting the option to not send out an email notification, Confluence incorrectly requires a password to be set for the LDAP user.

            Stephen Hodgson added a comment - I just disabled the "Copy User on Login" setting for our two directories because it was resulting in some undesirable changes being re-written from the directories when users logged in. However, this action puts me squarely in the situation that this ticket describes - that Confluence doesn't actually allow me to add users from different directories (2 LDAP directories and the internal directory for my setup). Note that when using the workaround specified in the description and selecting the option to not send out an email notification, Confluence incorrectly requires a password to be set for the LDAP user.

              richatkins Richard Atkins
              halatas HuseinA
              Votes:
              108 Vote for this issue
              Watchers:
              82 Start watching this issue

                Created:
                Updated:
                Resolved: