Uploaded image for project: 'Crowd Data Center'
  1. Crowd Data Center
  2. CWD-5320

Crowd silently ignores changes to active status of users in Azure AD.

      When Crowd synchronises users for the very first time from Azure AD it will recognise "active" state of users correctly. Unfortunately, on next synchronisations Crowd ignores changes to these statuses, so once they are set, they will never change.

            [CWD-5320] Crowd silently ignores changes to active status of users in Azure AD.

            I can not activate a user which was synchronized as disabled at first. How can the collegue start working now? Re-adding the azure ad directory is no solution, as we will loose the whole configuration in crowd.

            Benjamin Brummer added a comment - I can not activate a user which was synchronized as disabled at first. How can the collegue start working now? Re-adding the azure ad directory is no solution, as we will loose the whole configuration in crowd.

            Change severity please. This in effect introduces a security vulnerability.

            Sandor Krisztian Andre added a comment - Change severity please. This in effect introduces a security vulnerability.

            Hi, I can confirm this bug. It is the cause of the issue CWDSUP-16849.

            Sandor Krisztian Andre added a comment - Hi, I can confirm this bug. It is the cause of the issue CWDSUP-16849.

            I upgraded to Crowd 3.4.0. It is affected, too

            Benjamin Brummer added a comment - I upgraded to Crowd 3.4.0. It is affected, too

            As it is not listed for Crowd 3.4.0 can you confirm that it is solved?

            Benjamin Brummer added a comment - As it is not listed for Crowd 3.4.0 can you confirm that it is solved?

            Version 3.3.3 is affected too.  I reported it for the first time starting with crowd 3.2.3, used when i opened a request on 18/Oct/18. I guess a lot of  companies are not aware of this issue and therefore a lot of former employees have still access to protected content.

            Benjamin Brummer added a comment - Version 3.3.3 is affected too.  I reported it for the first time starting with crowd 3.2.3, used when i opened a request on 18/Oct/18. I guess a lot of  companies are not aware of this issue and therefore a lot of former employees have still access to protected content.

              pszczepanik Szczepan (Inactive)
              mmakowski Mareusz (Inactive)
              Affected customers:
              6 This affects my team
              Watchers:
              9 Start watching this issue

                Created:
                Updated:
                Resolved: