-
Suggestion
-
Resolution: Fixed
-
LDAP Delegate for Microsoft AD
Hi everyone,
Thanks for all your votes and comments on this suggestion. Your voice means a lot to us.
We're excited to announce that we've shipped an experimental plugin (Atlassian Labs) for Crowd that is able to do delegated directory user pruning.
This plugin allows to optimize your license usage by periodically cleaning inactive users from your delegated directories. After configuring pruning for a delegated directory the plugin will periodically check if the directory contains any users who have been deactivated or removed from the remote directory.
By default such users will be deactivated in Crowd. It is also possible to enable "hard delete" mode, in which users who have been deleted in the remote directory will also be deleted in Crowd.
This plugin can be downloaded from Atlassian Marketplace here.
Thanks,
Atlassian Crowd Team
When a user is being deleted in the AD, it will not be able to login to Crowd's Applications anymore.
But as the user still exisits in the LDAP Delegate, it will count against the license limits (of Crowd, Confluence, JIRA, whatever).
Support (CWDSUP-4973) told me to deactivate the user in Crowd manually in such cases.
This leads to a double maintenance (delete in AD, deactivate in Crowd). In addition the AD admins might not be Crowd admins.
Crowd could regularly (once per day?) check if the users in their Delegate Directories are still present/active in the AD and then deactivate them if they are not.
- depended on by
-
- Gathering Interest
- duplicates
-
- Closed
- is related to
-
- Closed
-
- Gathering Interest
-
- Gathering Interest
-
- Gathering Interest
-
- Not Being Considered
- relates to
-
CONFSERVER-22337 Cannot disable or remove user in Confluence when user management is delegated to LDAP
-
- Closed
-
-
- Closed
-
- Closed
-
- Closed
-
- Closed
-
- Closed
