-
Suggestion
-
Resolution: Low Engagement
-
None
-
2
-
Problem Definition
Nested Groups can be enabled on both, Crowd server and connected applications using Embedded Crowd.
On some connected applications, doing operations with nested groups (i.e. permissions validation on Confluence) may be expensive.
When Embedded Crowd synchronizes a directory with Crowd, it uses the /crowd/rest/usermanagement/1/group/membership REST API method.
If we have the below hierarchy in the LDAP server, then Crowd will pass it along to the connected application without any modifications.
+ GroupProject1
++ aduser003
++ GroupTeam1
+++ aduser001
+++ aduser002
This forces the connected application to be aware of nested groups and still perform expensive operations to accomplish its tasks.
Suggested Solution
When nested groups is enabled in Crowd, there could be a configuration to always pass along to the connected applications a flattened groups memberships in a way that the connected application isn't aware the nested groups configuration exists.
In the previous example, instead of passing the hierarchy below
+ GroupProject1
++ aduser003
++ GroupTeam1
+++ aduser001
+++ aduser002
Crowd could send a flattened list of users x groups memberships as below
+ GroupProject1
++ aduser003
++ aduser001
++ aduser002+ GroupTeam1
++ aduser001
++ aduser002
This would relief the connected application from expensive nested groups calculation, leaving this task to Crowd when Synchronization occurs.
Workaround
There's no workaround so far.
- is related to
-
CWD-4942 Update Nested Groups in Crowd documentation
-
- Closed
-
[CWD-5410] When nested groups are enabled, provide flattened groups' membership when synchronizing with connected applications
| Resolution | New: Low Engagement [ 10300 ] | |
| Status | Original: Gathering Interest [ 11772 ] | New: Closed [ 6 ] |
| Labels | Original: embedded-crowd nested_groups pse-request | New: cleanup-seos-fy25 embedded-crowd nested_groups pse-request |
| Support reference count | New: 2 |
| Workflow | Original: JAC Suggestion Workflow [ 3387859 ] | New: JAC Suggestion Workflow 3 [ 3629726 ] |
| Workflow | Original: Simplified Crowd Development Workflow v2 [ 3235145 ] | New: JAC Suggestion Workflow [ 3387859 ] |
| Issue Type | Original: Improvement [ 4 ] | New: Suggestion [ 10000 ] |
| Status | Original: Open [ 1 ] | New: Gathering Interest [ 11772 ] |
| Labels | Original: nested_groups pse-request | New: embedded-crowd nested_groups pse-request |
Hello,
Thank you for submitting this suggestion. We appreciate you taking the time to share your ideas for improving our products, as many features and functions come from valued customers such as yourself.
Atlassian is committed to enhancing the security and compliance of our Data Center products, with an emphasis on sustainable scalability and improving the product experience for both administrators and end-users. We periodically review older suggestions to ensure we're focusing on the most relevant feedback. This suggestion is being closed due to a lack of engagement in the last four years, including no new watchers, votes, or comments. This inactivity suggests a low impact. Therefore, this suggestion is not in consideration for our future roadmap.
Please note the comments on this thread are not being monitored.
You can read more about our approach to highly voted suggestions here and how we prioritize what to implement here.
To learn more about our recent investments in Crowd Data Center, please check our public roadmap.
Kind regards,
Crowd Data Center