Confluence and Active Directory

I currently have Confluence synced with AD. The issue I am having is that as a confluence admin when I add a user to a group it is then mirrored into the group in AD. This is clearly a security issue as Confluence should not be able to make any changes on AD. My question is whether this is due to misconfiguration and if so how can it be fixed?

1 answer

1 accepted

1 vote

Answer accepted

Hi @Davey Jones,

Welcome to Atlassian Community.

Based on your description it sounds like your user directory is setup with Read/Write permissions in the AD. You can setup a directory with three different permission settings; Read-only, Read-only with internal groups and Read/Write. I always recommend against using Read/Write and in most cases I use Read-only with internal groups so I can control on the application level who have access to it.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Ok so that's an AD side configuration not a Confluence config?

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

The configuration is in Confluence, and to change it you need to log in using a user that is not part of that user directory, normally you have an admin account that is part of the internal directory. You can then change the permission settings on the AD directory.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Great thanks for the help!

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Forums

Product Q&A

Community resources

Support

Top groups

Community resources

Support

Learn

Community resources

Support

Events

Community resources

Support

Confluence and Active Directory

1 answer

1 accepted

Suggest an answer

Was this helpful?

Thanks!

TAGS

Atlassian Community Events