Open issues

Order by Priority
  1. Suggestion
    CWD-6351Upgrade bundled Tomcat to 9.0.99 or higher
  2. Suggestion
    CWD-6347Reintroduce Microsofts LDAP Matching rules for Crowd
  3. Suggestion
    CWD-6350Add an option to Microsoft Entra ID directory type available for other directory types
  4. Suggestion
    CWD-1029Show clearer error in atlassian-crowd.log file if login fails due to domain property that does not match the application's domain.
  5. Suggestion
    CWD-4984A form of notification should user directories failed to synchronize
  6. Suggestion
    CWD-5531Improve Crowd REST API description for admin/1.0/groups
  7. Suggestion
    CWD-5738Improve Crowd DC installation doc
  8. Suggestion
    CWD-5958Create crowd.cfg.xml file while deploying Crowd on docker or K8s environment
  9. Suggestion
    CWD-6286Provide an option to modify Crowd Schedule Jobs
  10. Suggestion
    CWD-6311Group administration with delegated directories
  11. Suggestion
    CWD-1636Support PAPE for OpenID Anti-Phishing Security
  12. Suggestion
    CWD-2759Force application sync on add user event
  13. Suggestion
    CWD-3822Crowd does not create indexes for cwd_application_alias
  14. Suggestion
    CWD-5552Ability to Filter users and groups For AzureAD in Crowd standalone version
  15. Suggestion
    CWD-5567As a group administrator, I'd like to manage groups within the group I administer
  16. Suggestion
    CWD-5600Allow ability to add groups to the Azure AD group filter in bulk
  17. Suggestion
    CWD-5693Allow Administrators to Configure the Content Security Policy
  18. Suggestion
    CWD-5765Option to keep LDAP users and groups inside the cwd_user and cwd_group table although the users or groups could not be found during the directory synchronisation.
  19. Suggestion
    CWD-6277Troubleshooting would be easier with StuckThreadDetectionValve set by default
  20. Suggestion
    CWD-3908Update screenshots in Crowd's documentation
  21. Suggestion
    CWD-4969CSV Importer: Import Group Membership File without User File
  22. Suggestion
    CWD-5159Provide Read-Only Access to Crowd Admins
  23. Suggestion
    CWD-5261Create Crowd Data Center deployment app in Azure marketplace
  24. Suggestion
    CWD-5666Provide an option to create/download Support from all the nodes in Crowd DC
  25. Suggestion
    CWD-5679API that creates a group in a specific directory in Crowd
  26. Suggestion
    CWD-5739Allow configuration for LDAP connectors to retain users in Crowd when they are deleted in LDAP
  27. Suggestion
    CWD-5891Introduce a new $resetlink variable that will generate the link to reset password via the CrowdID
  28. Suggestion
    CWD-5915Crowd Data Center to support Geo-Clustering
  29. Suggestion
    CWD-6292Enable Incremental Sync for PAM changes in AD
  30. Suggestion
    CWD-598Allow authentication by PKI infrastructure
  31. Suggestion
    CWD-1681Support Windows Authentication For MS SQL Database
  32. Suggestion
    CWD-4353Application audit log for user login attempts
  33. Suggestion
    CWD-4390Restrict Admin Access to a Specific Application
  34. Suggestion
    CWD-4435Provide a supported method for unattended installations
  35. Suggestion
    CWD-4680When creating a group, require at least one member of the group that is not null if the directory type requires it
  36. Suggestion
    CWD-4963When using a read only Crowd/JIRA Directory, users attempting to change their password get an unhelpful error message
  37. Suggestion
    CWD-5397Crowd REST API to retrieve License and user count Details
  38. Suggestion
    CWD-5569Provide a way to stop synchronisation job for the directory.
  39. Suggestion
    CWD-5601Please add the ability to use dynamic lookups instead of DNS name lookups to connect to Active Directory on Crowd / Embedded Crowd
  40. Suggestion
    CWD-5618Provide support for MySQL Databases using utf8mb4
  41. Suggestion
    CWD-5643Add "Default group memberships" for Azure Active Directory
  42. Suggestion
    CWD-5703Add the ability to hide "Forgot your password?" link in the login page.
  43. Suggestion
    CWD-5907Crowd Data Center Support For Oracle Exadata HA
  44. Suggestion
    CWD-5529Enable JMX remote monitoring in Crowd Server
  45. Suggestion
    CWD-5769Sync group deletion when using delegated user directory
  46. Suggestion
    CWD-5786Required REST API or Curl Command to bulk update all the existing Crowd user group with newly added Group Admin user/group of users.
  47. Suggestion
    CWD-6346Disable "Can't log in?" link [SO292775]
  48. Suggestion
    CWD-4559Better error messages for AD connected password resets
  49. Suggestion
    CWD-5697HTTP Options
  50. Suggestion
    CWD-5728Crowd with Oracle multitenant mode support
Refresh results
36 of 797
Uploaded image for project: 'Crowd Data Center'
  1. Crowd Data Center
  2. CWD-4963

When using a read only Crowd/JIRA Directory, users attempting to change their password get an unhelpful error message

    • 21

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion.

      Steps to Reproduce
      1. Set up JIRA and Confluence
      2. Enable JIRA User Server, and allow Confluence to connect to it
        • When defining the directory, set the directory as read only
      3. As a user from the JIRA directory, attempt to reset your password

      Note: the above steps for reproduction are also applicable to Crowd.

      Expected Results

      Because the directory is read-only, the password cannot be reset. A message similar to the following would be helpful:

      Your account is managed by <application name>, and cannot be updated at Confluence. Please visit <application url> to make changes to your account. If you're having trouble, please consult your system administrators.

      This lets the user know their account cannot be changed at the current application, and where to go for managing it.

      • We know the directory is read-only
      • We also know which directory a user logs in through
      • We're also aware of where that directory is located (since we have this configuration as a part of the directory)
      Actual Results

      The update fails, and the following message appears:

      An internal error occured when trying to change your password.

      Users must contact the administrator, rather than being able to self-service.

      Workaround

      Setting the directory Read/Write allows users to reset their passwords in Crowd and JIRA from a downstream application such as Confluence. However, there are some cases where this may not be desirable - Confluence should fail gracefully, and guide the user to a location where they can change their password.

            Edward Simmonds added a comment -

            I can't login with my password. I request to change password ("Forgot Password"). I get an email with a link to change the password. I change the password and get a message back that indicates the password change was successful. I try to log in and can't because it says the password was incorrect.

            Also, after clicking the "Report a bug" link, it is not clear how to create a report. 

            I'm dead in the water for using this software/system.

            Edward Simmonds added a comment - I can't login with my password. I request to change password ("Forgot Password"). I get an email with a link to change the password. I change the password and get a message back that indicates the password change was successful. I try to log in and can't because it says the password was incorrect. Also, after clicking the "Report a bug" link, it is not clear how to create a report.  I'm dead in the water for using this software/system.

            Michael Woffenden added a comment -

            We're still struggling with this here in 2021.  We have JSM and Confluence and sometimes users try to change their Confluence password, generating support tickets and frustration for all.

            Fact is, Confluence should have some code/smarts (as previously suggested by others) to direct users automatically to the source Crowd application (in our case JSM).  We think this is preferred over just displaying a message.

            Atlassian - can someone look at this and fix it?

            Michael Woffenden added a comment - We're still struggling with this here in 2021.  We have JSM and Confluence and sometimes users try to change their Confluence password, generating support tickets and frustration for all. Fact is, Confluence should have some code/smarts (as previously suggested by others) to direct users automatically to the source Crowd application (in our case JSM).  We think this is preferred over just displaying a message. Atlassian - can someone look at this and fix it?

            Manfred Lauterbach added a comment -

            +1

            Manfred Lauterbach added a comment - +1

            Deleted Account (Inactive) added a comment -

            This problem is literally the #1 nuisance for our JIRA/Bitbucket/Crowd/etc. support team. The number of issues opened for this issue is monumental. Why do ATLASSIAN tools not tell us the right place to go for resetting passwords when they are linked to Crowd SSO?

            Please, PLEASE fix this.

            Deleted Account (Inactive) added a comment - This problem is literally the #1 nuisance for our JIRA/Bitbucket/Crowd/etc. support team. The number of issues opened for this issue is monumental. Why do ATLASSIAN tools not tell us the right place to go for resetting passwords when they are linked to Crowd SSO? Please, PLEASE fix this.

            Ian Lee [LLNL] added a comment - - edited

            I successfully stumbled upon this myself in Confluence 5.9.3, and can confirm that it is an issue. See also: CWDSUP-13066

            As far as the work around, one other consideration is: if the Crowd directory is in Read-only mode (on purpose) then it might be preferable to direct the end-user to another site to change the password. E.g. some kind of central LDAP / AD authentication service. Currently the only way to get that sort of behavior would be to dig into the Confluence source templates and modify the "Forgot my password" link.

            Ian Lee [LLNL] added a comment - - edited I successfully stumbled upon this myself in Confluence 5.9.3, and can confirm that it is an issue. See also: CWDSUP-13066 As far as the work around, one other consideration is: if the Crowd directory is in Read-only mode (on purpose) then it might be preferable to direct the end-user to another site to change the password. E.g. some kind of central LDAP / AD authentication service. Currently the only way to get that sort of behavior would be to dig into the Confluence source templates and modify the "Forgot my password" link.

            lewyoung@deloitte.com.au added a comment - - edited

            Thanks @dnorton for raising this.

            This issue caused significant disruption to our business operations nationwide for most of a day, before Dave kindly responded to my support ticket with the workaround described on this issue. A helpful error message (and easily-discoverable documentation on this issue for sysadmins) would have enormously reduced the impact of this problem for our operations.

            lewyoung@deloitte.com.au added a comment - - edited Thanks @dnorton for raising this. This issue caused significant disruption to our business operations nationwide for most of a day, before Dave kindly responded to my support ticket with the workaround described on this issue. A helpful error message (and easily-discoverable documentation on this issue for sysadmins) would have enormously reduced the impact of this problem for our operations.

              Unassigned Unassigned
              dnorton@atlassian.com Dave Norton
              Votes:
              29 Vote for this issue
              Watchers:
              30 Start watching this issue

                Created:
                Updated: