Uploaded image for project: 'Crowd'
  1. Crowd
  2. CWD-4763

Inability for Crowd to detect renamed LDAP groups as Crowd does not track using its LDAP IDs yet

    XMLWordPrintable

    Details

      Description

      As of now, Crowd is not able to detect changes in LDAP groups and its causing other Atlassian application that uses Embedded Crowd not to be able to keep track of individual application's permission as what a group rename is perceived now is by removing the old group name and adding the new group name. This causes tracking problems to individual permission types (whether its Global Permission, Permission Scheme and etc) for each application as they do not 'update' those permissions with the new group name.

      Steps to reproduce:
      1. Connect Bitbucket Server/JIRA/Confluence/FishEye/Crucible to and LDAP user directory
      2. Create a group, groupA on LDAP and sync it over
      3. Grant the group a Global permission
      4. Rename the group in LDAP.
      5. Re-synchronize the LDAP directory.
      6. Verify that the name of the group the users belong to was updated
      7. Check Global Permission and see the original group name is still listed, and the new group name is not listed.
      Workaround:

      Manually add the new group name into Global Permission. However this is a problem when the number of group gets larger by time.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              aer Andrew Er (Inactive)
              Votes:
              11 Vote for this issue
              Watchers:
              15 Start watching this issue

                Dates

                Created:
                Updated: