Is it possible to set up confluence to get only users from one Active Directory forest and only groups from a differest forest? The user forest does not have any groups. The group forest does not have active user accounts; it has accounts tied to Exchange mailboxes but disabled and those mailboxes authenticate from a domain trust to the user forest. (don't blame me, I did not set this mess up and have no control over it.)
No worries, I won’t blame you, I’ve already worked as Network/Infrastructure engineer, so I know sometimes we face some legacy structure that we need to deal :).
Well, as we know, this is a very peculiar environment, so I believe since your users and groups are being able to communicate on Active Directory environment even not being at the same forest, I believe this will also work with confluence as well. When you setup Confluence to authenticate against AD, then the AD is the responsible to manage the authentication and permissions. However, I strong recommend you to try this first in a staging environment.
The only thing you need to pay attention, is the users that will be authenticated on Confluence be tied with confluence-users group which based in your scenario will be in a different forest.
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG