Uploaded image for project: 'Jira Data Center'
  1. Jira Data Center
  2. JRASERVER-23861

An admin can lock themselves out of JIRA by changing the order of the User Directories.

    XMLWordPrintable

Details

    Description

      An admin can log into JIRA through an Internal Directory, then add an LDAP directory, and push this LDAP directory up to the top of the directory list.

      If they don't have the required group memberships in the LDAP directory, they may no longer have admin permissions, or even permission to log in.
      You could now be in a position where there are no users in JIRA with admin permission.

      Note that there are already restrictions in place to stop admins from editing an LDAP directory that they are logged in through.

      Attachments

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. JRASERVER-24558 JIRA using mixed-case username from LDAP corrupt other features

          • High - High priority issues
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. JRASERVER-29054 JIRA using mixed-case username from LDAP

          • High - High priority issues
          • Closed

          Suggestion - JRASERVER-24127 'Shadow users report' on reordering directiories in User Directories

          • Closed
          mentioned in

          Page Loading...

          Wiki Page Loading...

          Activity

            People

              andreask@atlassian.com Andreas Knecht (Inactive)
              mlassau Mark Lassau (Inactive)
              Votes:
              4 Vote for this issue
              Watchers:
              10 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: