Inconsistency on LDAP membership updates in case of a duplicate group name (from Internal x LDAP)

Steps to reproduce:

1. In a JIRA instance with two user directories:
   • LDAP (Type => Connector; Operations/Mode => Read only with local groups; Position => 0)
   • Internal (Basic; Position => 1)
2. Through JIRA web interface, create a group called TestGroup.
3. Create a group using the same name into the LDAP.
4. On LDAP side, add n user as member of the TestGroup.
5. Resynchronize the LDAP directory within JIRA web interface.

The result:

JIRA is not able to update the group membership and will log the following error during the synchronization:

28 21:50:58,176 QuartzWorker-0 DEBUG      [atlassian.crowd.directory.DbCachingRemoteChangeOperations] group [ TestGroup ] in directory [ 10000 ] matches local group of same name, skipping

Workaround:

1. copy all group memberships in the local directory to the external directory
2. delete the group in the local directory
   If you want to treat a select group of user specially in JIRA only:
3. configure a new group with a similar but different name (e.g. TestGroupJIRA instead of TestGroup) and manage that group within JIRA

Another workaround:

1. Backup JIRA database.
2. Run the following sql statement:

   UPDATE cwd_group SET local = 0 WHERE local = 1 AND group_name = 'TestGroup';
   

3. Restart JIRA application.