It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

crowd with AD connector: how detect disabled users ?

C. Faysal Feb 02, 2014

hey folks,

is there a way to detect ex-employees and deactivate automatically so that there is no manual action needed?

we connect crowd to our AD through a Active Directory Connector...unfortunately it returns all records based on the used search when an employee leaves the company some bits are being set on his AD record...i could filter on that one but it will remove the entire record from the results entirely. what i need is to deactivate this employee in crowd so that the "Disabled" flag gets synced to all connected applications like Jira, Confluence etc.

is this possible?


2 answers

1 accepted

0 votes
Answer accepted
Caspar Krieger Atlassian Team Feb 03, 2014

Support for Active Directory disabled accounts was added to Crowd 2.7 (CWD-995), so if you're using that version or higher then you should see the user get disabled in Crowd when they're marked as disabled in Active Directory.

Try to disable incremental synchronization feature and see if the changes picked up.

C. Faysal Feb 04, 2014

im on 2.7.1 ... how does that happen? ive asked some AD guys from the company and they said that on disabled accounts a specific bit is being set.

still those users ware active in crowd. what exactly must happen on AD side in order to get them disabled in crowd ?

Thank you Caspar


C. Faysal Feb 04, 2014

hmmm i found some setting in the directory connector

Manage User Status locally:

If ticked, you can activate and deactivate users in Crowd independent of their status in the directory server.

i see that this was ticked before...does that mean it will ignore the AD settings completely?

Caspar Krieger Atlassian Team Feb 05, 2014

Yes, if "Manage User Status Locally" was ticked, then Crowd will ignore whether the user is disabled or enabled in Active Directory. You should untick that if you want to use Active Directory to manage whether a user is enabled or disabled (note that the active/disabled status in Crowd will then be overwritten with whatever is in Active Directory on the next sync).

The background is that we introduced that option to keep backwards compatibility with existing installations of Crowd (i.e. to avoid enabling users which were intentionally disabled in Crowd but enabled in Active Directory); newly created Active Directory connectors should default to using the Active Directory server to determine whether a user is active or disabled.

0 votes
Jackie Chen Dec 19, 2017

Use CrowdLess - a free tool that allows to sync disabled account from Active Directory to Crowd. Here is the GitHub link:

Suggest an answer

Log in or Sign up to answer
This widget could not be displayed.
This widget could not be displayed.
Community showcase
Published in Opsgenie

Handling Opsgenie Alerts

Hi everyone, welcome to the kb articles for Opsgenie FAQs. I'm one of the Technical Support Engineers for Opsgenie who will be providing weekly posts on FAQs from customers.   All alerts are ...

72 views 0 3
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you