Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-92637

LDAP User Loses all Local Group Memberships If LDAP Sync is unable to find the User, but the User appears again in subsequent syncs

XMLWordPrintable

      Summary

      When users are filtered out/synchronized from Confluence and re-synchronized back into Confluence, they will lose their Local Group Membership.

      Environment

      • Confluence 8.0.2
      • All types of LDAP directory

      Steps to Reproduce

      1. Add a connection to LDAP in Confluence Admin >> User Directories with the Read Only, with Local Groups option
      2. Sync the directory and make sure that LDAP users are created in Confluence
      3. Add 1 LDAP user to a local group (membership)
      4. Change the User filter or Base DN such that the previously synchronized user cannot be pulled
      5. Rerun the synchronization
      6. The user will be marked as disabled (when you search for the user)
      7. Rerun the synchronization, this time user will be moved under "unsync from directory" tab and no longer be searched as per the expected functionality
      8. Now change the filter back to the original value and perform a Full sync again
      9. This time users are enabled again and can be searched
      10. Check the user groups no longer include the local groups

      No Workaround is available for now

        1. image-2023-10-16-19-36-05-012.png
          image-2023-10-16-19-36-05-012.png
          339 kB
        2. image-2023-10-16-19-37-03-291.png
          image-2023-10-16-19-37-03-291.png
          130 kB
        3. image-2023-10-16-19-37-56-578.png
          image-2023-10-16-19-37-56-578.png
          153 kB
        4. image-2023-10-16-19-39-00-929.png
          image-2023-10-16-19-39-00-929.png
          410 kB
        5. image-2023-10-16-19-40-31-769.png
          image-2023-10-16-19-40-31-769.png
          130 kB
        6. image-2023-10-16-19-41-26-616.png
          image-2023-10-16-19-41-26-616.png
          122 kB
        7. image-2023-10-16-19-42-53-392.png
          image-2023-10-16-19-42-53-392.png
          172 kB

            [CONFSERVER-92637] LDAP User Loses all Local Group Memberships If LDAP Sync is unable to find the User, but the User appears again in subsequent syncs

            DIZ Dresden added a comment -

            Hello Atlassian Team,

            we are also affected and with a large number of users from the Active Directory, the effort required for subsequent correction is very high.
            I hope there will be an update here soon, but the categorisation as bug and low does not bode well.

            Best regards

            DIZ Dresden added a comment - Hello Atlassian Team, we are also affected and with a large number of users from the Active Directory, the effort required for subsequent correction is very high. I hope there will be an update here soon, but the categorisation as bug and low does not bode well. Best regards

              Unassigned Unassigned
              d51fc966722f Shivangi Nayak
              Affected customers:
              6 This affects my team
              Watchers:
              9 Start watching this issue

                Created:
                Updated: