-
Bug
-
Resolution: Unresolved
-
Low
-
None
-
7.2.2, 7.3.1, 7.3.3
-
None
-
7.02
-
46
-
Severity 2 - Major
-
2
-
Summary
Somehow in JIRA a particular LDAP user does not get updated from active to inactive
Steps to reproduce:
- Integrate JIRA with AD (or LDAP)
- Make sure that "Copy User on Login" and "Update User attributes on Login".
- Set the "Default Group Memberships" to a group that is allowed to login to JIRA.
- Create a User on AD and Log in using the user.
- Navigate to JIRA Administration > User Management > Users to clarify that the user is created.
- Back to AD side, disable or delete the previous user.
- Login to JIRA using the same user.
Expected Result:
- JIRA would reject the user and set the user as inactive.
Actual Result:
- JIRA would reject the user and no user details is not updated for the user, it will stay as active.
Workarounds
- First workaround:
- Login to Jira as a local admin (not in the LDAP directory)
- Edit your directory config to disable "Update User attributes on Login"
- Edit the user to re-enable them
- Edit your directory config to enable "Update User attributes on Login"
- Second workaround:
- Move the user out of the AD group and add it back in.; disabling/re-enabling seems to not be enough for Jira to refresh the status.
Notes:
- The user will still be counted towards the license.
- Admin would not be able to set the user as inactive due to the option "Update User attributes on Login".
- Other details will be updated but not the Active/Inactive part.
- is related to
-
-
- Gathering Impact
-