I use crowd for Jira,Confluence and BitBucket.
I use AD for authentication and crowd directory for group management.
Under users, all users have email addresses.
Under application BitBucket some users are missing email addresses.
Attempts to update the missing email address via crowd-> application -> Users -> <user-name> yields:
Directory does not allow user modifications
How do I get crowd to re-sync with the data I see via crowd -> users
Is this a crowd bug I should file or a case I should open.
Seems like some kind of corruption.
BTW same thing happens with a subset of confluence users?
It like it doesn't like certain email addresses? Yet these addresses don't look special?
Hi @Terry Harple! additionally to what @Ann Worley suggested, you may also want to check how email attribute is mapped in you Crowd configuration. Maybe there is a chance that you are using some custom attribute name for that which this particular user does not have in you remote directory or have the email attribute set under different key? By default for Active Directory connector Crowd is using 'mail' attribute name for the user email.
You may check that under Crowd > Directories > Your Active Directory > Configuration tab
I understand that in Crowd, when you go to Application>Bitbucket>Users some of the users don't have email addresses. The same is happening with some of the Confluence users.
When you go to the Users menu, and search for the same users, the email addresses are there.
The email addresses originate in the LDAP directory. The LDAP directory does not accept updates from Crowd, that's why you cannot manually add the email addresses.
I look forward to hearing more about your case.
I am sorry I did not mention, I only use the LDAP server for Delegated authentication directory which I thought meant that all other info comes from the Internal crowd directory?
Additionally when this happens, and I try to change the email address from say crowd -> application -> BitBucket -> Users - <User> I get an error that says this directory is read only which is what I expect for LDAP DA Dir. But the email address is not really p/o that directory it really belongs to the Internal crowd directory.
BTW I have my LDAP DA Directory 1st and crowd Internal 2nd both have authenticate true and directory aggregate groups selected.
User attributes like email are pulled from the delegated directory when the user logs in, rather than during scheduled synchronizations, but they still reside in LDAP.
You can see the attributes that are pulled from LDAP in the Delegated Directory setup:
If you spend enough time as a Jira admin - whether you are managing a single, mid-sized instance, a large enterprise one or juggling multiple instances at once - you will eventually find yourself in ...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
We're bringing product updates and pro tips on teamwork to ten cities around the world.Save your spot