Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Next challenges

Recent achievements

  • Global
  • Personal


  • Give kudos
  • Received
  • Given


  • Global

Trophy case

Kudos (beta program)

Kudos logo

You've been invited into the Kudos (beta program) private group. Chat with others in the program, or give feedback to Atlassian.

View group

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Azure sync users being removed from confluence-users group Edited

Hi guys,

When I sync users from Azure, they are showing as 'User is read only'

They are not automatically added to the confluence-users group.  You can momentarily add them but after a short time they are removed from the group and no longer have access.

I'm using the SAML SSO Plugin, with the User Update Method set to "Update with UserSync-Connector"


**update** group membership is being removed by the UserSync

Has anyone else had the same issue?

Thank you.

1 answer

1 accepted

Hi Damien,

by default the Usersync connector will see AzureAD as the "master" and remove the User from all the groups where is not part of in AzureAD.

So one possible solution for you is to have a group like confluence-users (can be a different name) in AzureAD.

If that's not what you like, then you need to tell the connector which groups it should treat as "local groups". Essentially leave the User in the "local groups" even though they are not present in AzureAD.

You can do that via User Sync -> Edit the Azure AD connector you created.
Then -> Show Advanced Settings.

Scroll down to -> Local Group Management. Under -> Keep these Groups click -> Add one

Afterwards add confluence-users to there. This will mean the connector will never remove a User from this group. You can also use regular expressions instead - so something like confluence-.* would treat everything that starts with confluence- as a local group and leave it alone.

You also said:

They are not automatically added to the confluence-users group

If you would like to add every User the connector syncs to be added to the confluence-users group, then you can use the following setting.

Local Group Management. Under -> Always assign these groups click -> Add one and then add all the groups you want assigned to every User here.

Hope that helps!

You can also always schedule a Screenshare session with us, if you like to discuss this in more Detail.


P.S. Full disclosure, I work for resolution, a marketplace vendor.

Suggest an answer

Log in or Sign up to answer
Community showcase
Posted in Confluence

What do you think is the most *delightful* Confluence feature? Comment for a prize!

- Create your own custom emoji 🔥 - "Shake for Feedback" on mobile 📱 - An endless supply of GIFs via GIPHY 🤩 Is there anything quite as nice as a pleasant surprise? Comment below with what...

402 views 23 8
Join discussion

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you