You're on your way to the next level! Join the Kudos program to earn points and save your progress.
Level 1: Seed
25 / 150 points
Next: Root
1 badge earned
Challenges come and go, but your rewards stay with you. Do more to earn more!
What goes around comes around! Share the love by gifting kudos to your peers.
Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!
Join now to unlock these features and more
The Atlassian Community can help you and your team get more value out of Atlassian products and practices.
Hi All,
I am using JIRA with Crowd directory and in Crowd I have configured the LDAP directory for authentication.
Now in Crowd 2.9 LDAP configuration I see an option "Filter out expired users" which states
If ticked, expired users will be automatically removed.
What does it mean exactly, if the account is expired in LDAP (MS active directory) then the account from crowd would be removed? But would this change be propagated to JIRA as I don't want any account which was ever a assignee/reporter to be removed. I only want it to be deactivated in crowd or be removed from the associated groups so that it doesn't count towards the license. Is there a way to achieve Deactivation of user automaticaly if it's disabled/expired in the AD.
In this link - https://confluence.atlassian.com/display/CROWD/Deleting+or+Deactivating+a+User
"For Microsoft Active Directory servers, LDAP Connector Directories and Delegated Authentication Directories will synchronize the status of users with the remote server, if the 'Synchronize User Details' option has been enabled. In other words, if a user account is disabled in Active Directory, it will be deactivated in Crowd on the next synchronization"
But I don't see the option of "Synchronize User Details" in my Crowd 2.9 installation so is it implicit? Does it happen for all users as I just want to disable the users instead of deleting them.
Thanks,
I see another option - "Manage user status locally" , if I "untick" this option then would that mean that if the user is disabled in LDAP then it will be deactivated in crowd as well, which is something I actually desire.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.