Hi there. I am confused about an issue that touches content as well as billing in my Confluence On Demand account.
People have moved on from my organization after providing valuable insight to our wiki. As such, I understand that I can't delete them without losing the content that they made.
I can disable them so that they no longer log in. However, I am still paying for them. I expect continuing turnover in this organization and this will become financially hard to justifyupstairs pretty quickly.
This is a big deal, as the finance types would see such an arrangement as a giant rip-off.
How can I remove a user and preserve the content that they have made?
I want to close this question, I do. However it is not resolved. I can not find out my current users applied to the license because https://confluence.atlassian.com/display/AOD/Managing+application+access does not reflect my user experience. I commented on that page seeking guidance. If I can do that, I will do some experiments and see what the proper resolution is, then I will close this question.
There's two related, but separate points here
1. You're doing the right thing in disabling them so that they can no longer log in. I assume you are removing them from "confluence-users" group, which is the default way to say "can log in" (or, rather, in confluence "con use"). Once you've done that, you are sorted - the user has a complete history, attribution, and so-on.
2. Licences are by volume. This is actually simple to calculate - OnDemand will let you have up to X *active* users, depending on what you've paid for. By "active", it means "people who can log in". Which you've dealt with in point 1. If a person leaves, you just drop them out of "can log in" and they no longer take up a license, leaving you free to give their seat to someone else.
Now I've rambled through that, I can see the "paying for them" becomes a bit fuzzy. I think of it as seats in a restaurant. It's got fifty seats. You, the owner, pay the maintenance on 50 seats. You aren't allowed to have more than 50 people in the place, number 51 has to wait until there is space. But even when you've only got 25 bums-on-seats during the morning lull, you are still paying for 50 seats.
Does that make sense?
Thank you both. ANd so quick in your response. Please stay with me here.
Dave, thank you. However, I can not find anything regarding Application Access. The content describing it at https://confluence.atlassian.com/display/AOD/Managing+application+access does not reflect my UI. Perhaps it is out of date.
Nic. That makes perfect sense, but that is not my experience. I have disabled and removed users from Confluence and I still am not allowed to add another.
Hmm. I'm sure OnDemand works the same way as download versions (i.e. each account that can log in = 1 seat, and your number of seats is capped by your license)
Some quick follow-ups - what does your licence say is your upper limit? How many users have "can use"? That might sound obvious, but I ran into this a few weeks ago - the complaint was that they couldn't add more users, despite only having 35ish in confluence-users. Turned out another admin had put another group into "can use" and that group had the 35ish and another batch of expired users, so they'd hit their 50 limit accidentally. Check the global permissions to make sure the can-log-in groups really do match what you expect (bear in mind admins get can-log-in automatically , althoug it does deduplicate properly - if you are in admin and users, it still counts you as only one seat)
Nope, I've just had an ex-colleague confirm that it works the same as download (barring the admin account)
Could you have a look at the global permissions and check ALL the groups that have login rights? Bear in mind it's users AND administrators who count.
There is not explicit "login rights" column under Global Permissions: http://o7.no/VoKNpm. I see your theory but there is a total of 13 users counting disabled one on the system. I can audit them pretty quickly.
Regardless, my challenge is that I want to remove them and maintain their content. I think that you (Nic) are advocating for a different business process than I am imagining, which means maintaining these users in a disabled state. I am willing to adopt that if there is a compelling reason to do so, but not if they are going to cost me monthly forever.
I'm really not sure where the complexity is here. All you need to do is remove your "dead" users from any group that lets them log into Confluence. They will then stop counting towards your licence count. Their content will not be touched.
There's nothing more to explain here. I really don't understand what the difference is in your business process. Stop them logging in and keep their content. That's what I've said several times.
Could you have a look at https://confluence.atlassian.com/display/DOC/Global+Permissions+Overview - especially the "overview" section and the first line of the table which says "can use". There is a slight oversight in that table - it does not explicitly say "admins count as users too", but most of us put admins in the "can use" group as well as admin groups.
Continuing this thread out of curiosity and in the hope that it is useful to someone in the future.
I resolved my issue for now by repurposing an existing user for a new user. Not a best practice byanymeans, but I did what I had to do.
Yes, Nic. I like the idea of maintaining accounts as disabled, but it just was not working for me, because when I removed several users I still was told that I had too many folks to add a new user (the thing I needed to do when I woke up this morning): http://o7.no/Wlj2N2. I would totally do as you proscribe, except that regardless of how many I disable, the system still seems to believe that I am at my maximum users.
Gary Sackett from Atlassian support just posted this https://support.atlassian.com/browse/JST-54710:
User licensing for OnDemand Confluence only instances, such as cycle30.atlassian.net is controlled by a combination of enabled/disabled accounts, and users being in the confluence-users group. Any user that is disabled, and belongs to 'no groups' will not count against your user licenses for OnDemand. One thing to note is that Confluence only syncs with the user service once an hour, so you may need to perform a manual refresh to update the license count - this can be done here:
by clicking the flush all button on the bottom of the page. Let me know if this answers your questions, or if you have any others.
This might have been my problem, but I can not test it now without disabling some users who are hard at work contenting right now.
I still don't think you're getting it. Remove your defunct users from the groups that "can use" it. You will then be able to create more, up to your licence limit.
If this is not happening, then re-check your can-use groups (and don't forget to include admins - they get "can use" even if they aren't in the "can use" line).
I was not aware of the hour time-cycle for on-demand (it's 20 minutes for the main Jira/Confluence system I look after), but the response from Atlassian is exactly what I've been saying as well, and I'm not sure why you're still not getting it.
If you've checked the can-use permissions (and admins) then removing people from can-use will reduce your active licence count. If it's not doing that, then you've not done it right.
Could you take another look. Start with the global permissions and post what you have for "can use", and the two "administrator" lines. Then, post your list of users, with their groups listed. I am sure you'll see 10 people on the list have "can use" because of their groups.
Wow. this is getting weird. I do get it, Nic. The defunct users are disabled AND no longer members of any groups. They have been for quite some time, yet the license will still not allow me to add new users. Thus my kludgy emergency repurposing.
Thanks for the help and sticking with me, Nic. I am trying to use the app as prescribed and will, next time I need to add a user, do my damnedest to follow best practices.
Again, thanks for the effort Nic. I am back to making content now. All hail Confluence!
>They have been for quite some time, yet the license will still not allow me to add new users.
If that's the case, then there is definitely something wrong! I'd chase up your JST-54710 and tell Atlassian that you have defunct users that are inactive and not in a can-use group counting towards the licence count incorrectly.
>Thus my kludgy emergency repurposing.
It's not a "kludge" if the system isn't doing what it supposed to, and you manage to work out a way around it. More of a "proactive workaround" :-)
Hi folks, following up on this, I'm not aware of this 1-hours delay on synching the users/groups, once you remove a user from a group that should be reflected automatically.
If you still have this weird problem please let us know through support (also point to this conversation thread) so we can chase down to see if this is a bug or just a misundertanding ;)
Two vulnerabilities have been published for Confluence Server and Data Center recently: March 20, 2019 CVE-2019-3395 / CVE-2019-3396 April 17, 2019 CVE-2019-3398 The goal of this article is...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs