Details
-
Suggestion
-
Resolution: Won't Do
-
None
-
None
Description
NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion.
Basic example AD setup is as follows:
Groups `- Security Groups `- Confluence `- Confluence Users `- Confluence ReadOnly Users `- Confluence Space1 Users `- Department Groups `- Department1 `- Department2
We've set up the AD Base DN to the AD base, then set Additional Group DN to "OU=Confluence,OU=Groups".
Confluence now sees the 3 Confluence related groups only, without dumping all hundreds of groups we have in AD into the Confluence system, this works very well.
However, I've added Department1 and Department2 into the various Confluence groups, and they're not being recursed into, I assume because they are outside the Additional Group DN. This means no users are added into their groups, even though AD-wise, they are in there.
This is not a unique setup, and I've found a few other cases using Google running into the same issues.
It would be beneficial to just recurse through all groups given, regardless of Additional Group DN - or at least have an option to do so.
Attachments
Issue Links
- relates to
-
CONFCLOUD-37523 Active Directory/LDAP groups do not recurse outside group base
- Closed