Within Jira, a specific AD user will not reactivate

David Senterfitt November 3, 2015

I have a particular user that had previously left the company and was disabled within Active Directory. That person has now returned to the company and I have enabled them within Active Directory. JIRA does not show the person as active, still shows inactive. I have forced a LDAP directory synchronization. I have updated a different user's AD group membership and viewed within JIRA to confirm successful directory synchronization.  I have re-enabled a different person and successfully viewed within JIRA that person going from inactive to active.  Where do I go from here?

5 answers

1 accepted

1 vote
Answer accepted
David Senterfitt November 3, 2015

The solution that finally worked for me.

  1. Have the reinstated user log out of their computer.
  2. Administer their account in Active Directory.
    1. Mark their account back to "Disabled"
    2. Move their account object to a different OU
  3. Within JIRA, synchronize the LDAP directory.
  4. Within Active Directory
    1. Mark their account back to "Enabled"
    2. Move their account object to desired OU
  5. Within JIRA
    1. Synchronize the LDAP directory.
    2. Verify user account is NOT "Deactivated"
GabrielleJ
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
November 3, 2015

So the question here is why does it need to be disabled, moved to a different OU, sync then repeat the process (inverted) before it can finally catch up. It can mean that it only syncs one time but it does not explain the need to move them to a new OU. We can send a question to Atlassian (support.atlassian.com) and/or update their documentation about this.

teisyun January 14, 2019

I have the same issue that an AD user can't be re-activated in JIRA.

Can this be solved within JIRA but not touching AD? 

I'm JIRA admin, I don't have access to AD, and there will be lots of hassle to make change in AD.

Thanks. 

3 votes
Nastja K February 1, 2019

This solution worked for me without changing OU:

  1. Login with the local account.
  2. Edit your LDAP connector settings and uncheck the following checkbox in Advanced settings section:
    Screen Shot 2019-02-01 at 11.55.44.png
  3. Force the full synchronisation.
2 votes
Michael Ries January 29, 2020

It is 2020 and this problem does still exisist?

In fact we are facing it right now!

Is there a fix I am not aware of? and no, like @Jonas Andersson stated, hacking and crude workarounds are no solutions.

 

official statement from atlassian? thank you

Nathan Trout February 9, 2021

I am still waiting on this fix too

Krzysztof Skrzypczyk July 1, 2021

I will now join this little club here....

1 vote
Jonas Andersson
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
January 7, 2020

Another hack to get around it:

Find user:

select ID, user_name from cwd_user where email_address="user@your.org";

update cwd_user set active=1 where ID=<USERID_FROM_ABOVE>;

The restart Jira.

 

Atlassian, please add functions in jira to re-enable and resync, not to have to hack our infrastructures around to get around easy issues like this. A user should not have to be disabled, moved around, or Jira db hacked and jira becoming unavailable, when the fix is this easy!

0 votes
GabrielleJ
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
November 3, 2015

Can you explain more on how you do force LDAP sync? Like here? https://confluence.atlassian.com/jira/synchronising-data-from-external-directories-229838555.html

David Senterfitt November 3, 2015

To force a sync in Jira, go to Admin --> User Management. On left column of options, select "User Directories". Locate the listing for your Active Directory within the list of "User Directories" and on the right side you should see the word "Synchronise". Select it to synchronize.

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events