Hi,

The Atlassian Data Center team acknowledges that this issue is causing major friction for some of our customers.

We are in the process of planning our development of solutions for Data Center products, including but not limited to: first, a license utilization warning notification feature, and then features to automatically block adding new users when the licensed seat ceiling is reached, and more.

Further details about these solutions will be provided once they are ready. Please stay tuned and follow our Data Center public roadmap for upcoming updates.

Feel free to leave your comments here so that we can continuously listen to your feedback.

Regards

Atlassian Data Center Team

This design has causes the internal incident several times, could you please change the design? Having 20,000 users impact because just 1 additional user over license doesn't make sense at all. 

The Data Center team is considering providing better license utility management to prevent such situations happens to DC products. Stay tunned.

Regards

Atlassian Data Center team

From a commerical point of view, I can see exactly why this hasn't been addressed over 13 years later: it creates a powerful incentive for customers to upgrade their license.

It's an abysmal customer/end-user experience of course, but that's beside the point.

IMHO, This type of license enforcement is a great way to send your customers RUNNING away from your product.
You're going to set us up for failure by allowing over-provisioning but then SHUTTING OUT ALL USERS including the ones we paid for!?!?

Very Very poor customer service there Atlassian. please fix this quickly... If we can't I fear that my company will seek solutions from your competitors, with more friendly enforcement of license limits.

The current Jira Software server behavior is simply unacceptable... we are in production with hundreds of active users that suddenly are forced to stop their work if just 1 more user is added. It's really incredible that in 2021 Jira Software server still continue to work in this way... 

I've also just had to scramble to restore confluence to a usable state after extra users logged in via LDAP. The current behaviour is unacceptable. I'd vote for the "No users can be added (or received from an external user directory) over the license limit." option

Hello guys!

We had our Conlfuence in read-only mode because one new user has been created automatically and broke our instance.

I totally agree reporter - it should be forbidden to create and/or enable new user if license limit has been hit.

We already have monitoring for user count and don't enable/create manually, but automatically created user absolutely surprised us :-/

Thanks,

Ivan

To get the number of licensed users:

/*
 * Purpose: retrieve number of users that take a license in Confluence
 */
SELECT u.id, u.user_name, u.email_address, g.group_name, d.directory_name
FROM cwd_user u
JOIN cwd_membership m ON u.id=m.child_user_id
JOIN cwd_group g ON m.parent_id=g.id
JOIN cwd_directory d ON d.id=g.directory_id
WHERE g.group_name in (SELECT PERMGROUPNAME FROM SPACEPERMISSIONS WHERE PERMTYPE = 'USECONFLUENCE') AND u.active = 'T'
ORDER BY user_name;

This works with Confluence 5.10.6.

And I run another one to determine if a user could be de-activated based on their last time login:

/*
Purpose: Retrieve list of users ordered by last authenticated in Confluence
 */
 SELECT u.id, u.user_name, g.group_name, d.directory_name, to_timestamp(CAST(cua.attribute_value AS double precision)/1000) AS last_login
 FROM cwd_user_attribute cua
 JOIN cwd_user u ON u.id = cua.user_id
 JOIN cwd_membership m on u.id=m.child_user_id
 JOIN cwd_group g ON m.parent_id=g.id
 JOIN cwd_directory d ON d.id=g.directory_id
 WHERE g.group_name in (SELECT PERMGROUPNAME FROM SPACEPERMISSIONS WHERE PERMTYPE = 'USECONFLUENCE') 
 AND u.active = 'T'
 AND cua.user_id = u.id AND cua.attribute_name = 'lastAuthenticated'
 ORDER BY last_login 

Which table did you run the script from? Thanks

I've now scheduled a small sql script to count the used licenses every day and email me a warning when it exceeds a threshold. IMHO this should be part of Confluence and JIRA core. 

I am in the same situation here. Our licenses exceeded our limit and everyone was locked out. This was a big mess as we comb through which accounts to delete. I would think that such a simple thing will have a solution already after 4 years. I am adding my voice here. We need this feature asap.

Agree with above comments. We had this issue as well and it was very inconvenient. Nobody could work for a day and as it is not very straightforward to disable users if they are synchronized via LDAP.
At least we should get a warning well before the license limit is reached.

From my perspective, this behavior causes major outages of the product over extended periods with massive disruption and cost. This should be treated with the same severity as 'a % of all confluence instances are broken right now', which I imagine wouldn't still be open 4 years later.

Thanks, Robert. This still affects us in 5.1.3 and it's hugely disruptive behavior. Our users are automatically added to the confluence-users group when they log in via LDAP synchronization. When the 2001st user logs in, all existing 2000 users that we are paying for lose their edit privileges. Please fix ASAP.

An extension of the second bullet:

• No users can be added (or received from an external user directory) over the license limit.

In the case that Confluence is configured to auto-add users to a Global Permission group upon login (e.g. confluence-users), the application should be smart enough to not do this if it would exceed the license count. A corresponding warning should be thrown in the logs.