User did not get updated from Active to Inactive with Delegated LDAP

Summary

Somehow in JIRA a particular LDAP user does not get updated from active to inactive

Steps to reproduce:

1. Integrate JIRA with AD (or LDAP)
2. Make sure that "Copy User on Login" and "Update User attributes on Login".
3. Set the "Default Group Memberships" to a group that is allowed to login to JIRA.
4. Create a User on AD and Log in using the user.
5. Navigate to JIRA Administration > User Management > Users to clarify that the user is created.
6. Back to AD side, disable or delete the previous user.
7. Login to JIRA using the same user.

Expected Result:

1. JIRA would reject the user and set the user as inactive.

Actual Result:

1. JIRA would reject the user and no user details is not updated for the user, it will stay as active.

Workarounds

1. First workaround:
   1. Login to Jira as a local admin (not in the LDAP directory)
   2. Edit your directory config to disable "Update User attributes on Login"
   3. Edit the user to re-enable them
   4. Edit your directory config to enable "Update User attributes on Login"
2. Second workaround:
   • Move the user out of the AD group and add it back in.; disabling/re-enabling seems to not be enough for Jira to refresh the status.

Notes:

1. The user will still be counted towards the license.
2. Admin would not be able to set the user as inactive due to the option "Update User attributes on Login".
3. Other details will be updated but not the Active/Inactive part.