We have an existing Atlassian JIRA OnDemand instance and I have added Confluence. Confluence will be used by my team only, whereas JIRA is used by the entire company. We currently have 6 site-admins which includes myself. Once I Confluence was "installed" I revoked access to Confluence for everyone except my team. This had the unintended side effect of removing the other site-admins from that group and obviously prevents them from creating new users. Ideally I would like to give them back their site-admin permissions so they can create new users (who will only access JIRA); however, it appears that when I add users to either the site-admin group or the admin group they are automatically granted access to Confluence.
Is there a way to give back user management access to my other admins but not grant them access to Confluence? That way I can stick with the current Confluence tier which accommodates only the number of people on my team.
I believe that if you just add the user to have administrative permissions and not the can user permission, this may work. As in the official Atlassian confluence permissions doc:
Granting the 'System Administrator' or 'Confluence Administrator' permission to a user will not automatically grant the user access to all spaces in the site. These permissions will only give access to the administration console.
Be aware, however, that users with 'System Administrator' can add themselves to the 'confluence-administrators' group and become a super-user.
The Confluence Administrator permission and the 'confluence-administrators' group are not related. Going by the names, you would think the 'confluence-administrators' group and the 'Confluence Administrator' permission are related – but they are not. Granting a user or a group 'Confluence Administrator' permission is not the same as granting them membership of the 'confluence-administrators' group. Granting the 'Confluence Administrator' permission enables access to only a subset of the administrative functions. Granting membership to the 'confluence-administrators' group gives complete access.
I hope this helps.
Thanks for the reply Rodrigo! I had read through that document but wasn't entirely sure I understood that section. After rereading it and your reply, am I correct to think that doing what you proposed would grant them administrator permissions which is limited to managing projects in JIRA and such, but they would not be able to perform user management functions? From everything I've read so far it appears that if I grant user management functions by adding them to the site-admin group (which I understand is the only way to give a user the ability to manage users), then they will always have access to any application installed in the Atlassian instance. If I had a larger-number-of-users tier then this wouldn't be a problem; however, I am trying to make it work with the 10 user licenses and my team, including me, is 10. That makes it problematic b/c I can't include the other 5 JIRA admins without removing some of my team members. My interim solution has to been to revoke Confluence access for two team members so I could add back two of the existing admins into the site-admin group. That is the only way I know how to grant them user management access. They do a lot of daily work with users and groups so I can't take those functions away from them.
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG