Looking around, I've seen this problem variously discussed and solved for both the installed and on-line versions. However, none point me to getting my version of the problem fixed.
When user logs in, the following observations, actions, symptoms and problems:
What I tried:
So, what's wrong with the above? How do I simply create a new user, add them to a new group, and successfully give them access to confluence?
Any and all help appreciated,
I am facing the exact same problem that Richard faced. By adding a user to the Global Permissions page/list, we provide him/her access to all spaces. That's not what we want.
We have synced up the users through Active Directory, which includes contractors. We would like to give them access to certain spaces, not the entire site (all spaces). How do we achieve that?
Any help would be appreciated!
Alice's comment was very helpful. The "all staff" group we have doesn't have global permission, only specific department groups. A new group was created and assigned space permissions, but couldn't actually navigate anywhere after logging in because of the lack of global permissions for that new group.
Okay, I'm getting farther, but still am a bit confused about the underlying philosophy here and would like some further pointers where possible.
But first, what I did to get this working:
However, what this means is that this individual user now has access to all of the Confluence spaces since by default, all spaces allow access to the group 'users'.
So I'm really confused as to how one goes about making one-to-one permissioning schemes between individual users and individual confluence spaces.
The way I currently understand it then, in order to achieve what I'd like, I need to:
Obviously I'd prefer a different method than to have to re-configure group access for all spaces (not fully knowing the broader implications of this before-hand).
Is there something I'm missing preventing me from doing this in a straight-forward manner?
All advice appreciated.
i am also having the same issue.
All our users are sync'd via LDAP but we want to provide and external user access to a particular space.
i have created the user and they can log in but get the "Not Permitted" page.
i have tried various ways from adding individual permissions to the space as well as adding group permissions to the space. the only way to get it to work is to either add the group or individual to the global permissions but this then gives access to all spaces
Just to give you some detail on what our request was in case it's slightly different to yours.
I wanted to set up access to certain spaces for external users such as companies we are working with, contractors etc. I did not want to open up access to any of our other spaces as these hold confidential data.
Firstly I created a group called "External users" then under Global Permissions I added this group giving on "Can use" access and disabled access for Personal Space, Create Space, Confluence Admin, System Admin
Then I set the permissions on the space its self via Space Tools where you can set what the external users are allowed to do.
Finally, I invited the user and made sure they were only part of the group I had created.
Basically creating the group and applying the global permissions allow the user to log in and use confluence, they space tools permissions allow the user access to that particular space.
hope this all makes sense
I'm having a similar issue with confluence server and I can confirm that it is solvable but adding appropriate Global Permissions ("can use"-only).
My concern is, that this will use up a license. Can you/someone confirm that?
Which means, that by giving probably a whole bunch of users just browsing access (no editing possible!) it will burn up my licenses? Is that on purpose?
Well, yes, I see you point and I'm fine with that.
It's just, we have accounts in LDAP/AD, that I don't want to use it, but they are able to authenticate. I'd strip them of every permissions within confluence, but they are still able to log on and in doing so, they only see an error screen and get two buttons they can't use either.
I'd prefer that those users without "can use" permissions would be treated at least the same as anonymous users and not to get completely blinded.
That’s right! Grandma’s back at it again, and this time she’s brought all her friends. In honor of Team '21, this Bingo round is dedicated to all things team-related, and the prizes are no exception....
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events