Uploaded image for project: 'Jira Service Management Data Center'
  1. Jira Service Management Data Center
  2. JSDSERVER-6248

Creating new customers failed when connected to Active Directory if username is longer than 20 characters

    XMLWordPrintable

Details

    Description

      Issue description

      When using the Add Customer button from a Service Desk Project Customer page OR the Service Desk public signup page, the user is created by using the email address as a username.

      This behavior becomes a problem if JIRA is connected to an Active Directory, because JIRA will try to create a new user in the AD by populating the sAMAccountName attribute with the email address. Since the sAMAccountName attribute has a character limit of 20, customers will fail to be created if their email address is longer than 20 characters (which is very common), and the following error will be thrown in the logs:

      2018-02-20 02:44:29,434 http-nio-8080-exec-11 ERROR xxxxx XXXxXXXXx1 XXXXXXX XX.XX.XXX.XXX /rest/servicedesk/1/pages/people/customers/pagination/SDS/invite/organisation [c.a.s.internal.user.ServiceDeskUserManagerImpl] Could not create user: atlassiantestuser@test.com com.atlassian.crowd.exception.InvalidUserException: Uncategorized exception occured during LDAP processing; nested exception is javax.naming.NamingException: [LDAP: error code 80 - 00000523: SysErr: DSID-031A12C8, problem 22 (Invalid argument), data 0^@]; remaining name 'cn=atlassiantestuser@test.com,ou=people,ou=users,ou=root ou,dc=test,dc=com'

      Suggested solution

      Improve the customer creation design, e.g Add Customer button so that the Project Admin can set the username of the newly created user, instead of just entering an email address and letting JIRA automatically set this email address as the username.

      Note

      This issue will happen, no matter what the user name attribute is mapped to in the AD configuration in JIRA. Even if it's mapped to a different attribute such as userPrincipalName, JIRA will still populate the sAMAccountName attribute.

      Workaround

      1. First, create the user from the page âš™ > User Management > Users > Create User
        1. With this creation method, you'll be able to decide what the username attribute should be and use a string which is less than 20 characters
      2. Then add the user to the project customers by going to the Project's Customers page, clicking on Add Customer and using the username of the user created in the first step

      OR

      Asking customers to sign up from Jira's sign up page.

      Attachments

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. CWD-5762 unable to a create user with more that 20 characters in Microsoft Active Directory'

          • Low - Low priority issues
          • Long Term Backlog

          Activity

            People

              Unassigned Unassigned
              jrey Julien Rey
              Votes:
              9 Vote for this issue
              Watchers:
              10 Start watching this issue

              Dates

                Created:
                Updated:

                Backbone Issue Sync