Restrict permission to space for supplier when SD is used

Deleted user September 15, 2017

Hi,

I need to prohibit external supplier access to my company spaces in confluence.

We use Service Desk and linked Confluence space. For those spaces is set:

Any active user can view this space

 Any active user can view pages in this space, including users who don't have a Confluence license. This was enabled through JIRA Service Desk so people can view knowledge articles when raising a help request.

We have over 2000 employees using this open SD spaces so managing them into groups is not taken into account.

How to add supplier access only to one space ? SD spaces should be hidden from him.

 

1 answer

0 votes
Vincent Huynh September 16, 2017

Hello Rafal,

Do you have a group that includes all your employees and not the external suppliers? If so, could you just provide view access to this group in your spaces instead of providing access to all active users?

If this is not an option, then perhaps more information on your set up might be needed.

-Vincent

Deleted user September 17, 2017

Hello Vincent,

Thats the whole point, that using JIRA SD we do not need to have groups. Having 2000 users connected to AD it's easier just to have  SSO autorisation without adding everybody to a group.

In case I use groups, I would have to add user any time I have a new employee. It's easier to have "any active user ..." scenario.

I will check AD groups autorisation in Confluence. This may solve my problem. Any new employee would already have an default group which would contain Confluence access.

Rafal

Vincent Huynh September 20, 2017

Hello Rafal,

Let us know if that ends up working. If not, since I do not fully understand your set up, could you describe how JIRA/Confluence would be able to differentiate who is an employee versus who is an external vendor?

It sounds like you hinted that employees would have AD accounts. If your AD group membership is synced with your JIRA instance, would you be able to grant confluence access to a group that all new AD users get added to automatically (i.e. domain users)?

-Vincent

Karol Jochelson September 21, 2017

Hi Vincent. 

I am afraid this configuration does not work.  I work with Rafał so I can elaborate on our setup.

We created a group in our AD that identifies all our internal users. We then assigned this to our Jira users. The problem is that in order for unlicensed users to access spaces in confluence two things need to be done. a) The Service Desk knowledge base must be set to "All active users and customers can access the knowledge base without a Confluence license" and b) In confluence global permissions you must have "Can Use" ticket off in the "Unlicensed Access" .

If you switch the Service Desk knowledge base to "Only licensed users who have access to the space" there is no option to add "Unlicensed" privileges to specific spaces. 

Hope that clarifies our problem? 

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events