Forums

Articles
Create
cancel
Showing results for 
Search instead for 
Did you mean: 

LDAP User count not updated after deactivating a user

Csaba Magyar April 27, 2014

We use Confluence 3.5.13 with LDAP authentication (LDAP read only).

Directory order:

1. Upgraded atlassian-user LDAP (ldapRepository). Type: Microsoft Active Directory (Read Only, with Local Groups)

2. Confluence Internal directory. Type: Internal

Unfortunately, the user count isn’t updated under License Details when a user is removed from all groups (user is not member of any groups).

I tried to update the correct number of active users that counts towards the license limit according to the procedure from below:

- Change directory order

- Disable LDAP directory

- Synchronize

- Refresh the number of Licensed Users under License Details (Confluence shows now the correct number of active users)

- Enable LDAP directory

- Change back the directory order

Well, for the moment the number is correct but only until a new refresh (new synchronization) of the LDAP.

How can this problem be solved?

4 answers

0 votes
Csaba Magyar April 27, 2014

No individual users have the permission. Yes, one LDAP (primary) and one Internal.

0 votes
Andris Grinbergs
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
April 27, 2014

Maybe you have granted "Can Use" permission to individual users? Then removing user from all groups will not help.

How many user directories are you using? (1xLDAP + 1xInternal ?)

0 votes
Csaba Magyar April 27, 2014

Setting up that only one group have "CAN USE" global permission will not save the problem.

confluence-users and confluence-administrators must have the CAN USE global permission. If there are additional groups with the permission, removing them will result in counting down the number of active users according to the number of users in the additional groups only - the behaviour will be the same when a LDAP user is removed from all groups: the number of active users will not count down.

0 votes
Andris Grinbergs
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
April 27, 2014

Try setting up that only one group have "CAN USE" global permission. Then it will be easier to manage and I believe such issues will not apear.

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events