Details
-
Suggestion
-
Resolution: Duplicate
-
None
-
None
Description
Customers with large LDAP directory will hit into sync issue in Confluence 3.5.x.
The current recommendation is to create a more specific LDAP search filter, failing that we recommend using Delegated LDAP directory.
It is unfortunately not easy for these customers to just use Delegated LDAP, primarily because their LDAP users will lose their original group membership (eg. LDAP groups and other local groups). These need to be created manually by the admin.
We should create an option to allow these customers to move their user management to Delegated LDAP after upgrade.
Kind of a combination of CONF-22090 and CONF-22295. And perhaps make the jsp smarter so it can automatically create LDAP groups in the delegated directory (by scouring the spacepermissions table)?
Attachments
Issue Links
- duplicates
-
CONFSERVER-22463 Support migration of pre-3.5 groups and memberships of external users to 3.5+ "Internal with LDAP authentication" directory
- Closed