Does JSD automatically create agent accounts?

I found something in Atlassians ticket system:

https://jira.atlassian.com/browse/JSDSERVER-903

This might be also our problem here! I have contacted our System Admin to check the settings of our LDAP User Directory.

BR

Our IT confirmed that LDAP is causing JIRA to set the group "jira-servicedesk-user" and therefore adding agents! Thank all of you, for your investigations!

I am happy that this mystery and misery finally is enlightened!

@H K, can you please reference the exact text from the link you provided that is directing you to use Service Desk Team for your developers? Service Desk Team = agents, at least this is the case in Cloud and I suspect the same in server. Are you using cloud or server?

Hello @Jack Brickey,

here is the text segment:

Involve Jira Software or Jira Core users

You can give users with Jira Software or Jira Core licenses permission to view and comment on service desk issues without a Jira Service Desk license.

To involve Jira application users:

1. In your service desk project, select Project settings () > People.
2. Add users to the Service Desk Team role.

[...]

For example, Martin, an IT service desk team agent, links an incident ticket in a service desk project to an underlying network problem ticket in a Jira Software project. Andrew, a Jira Software developer on the network operations team, assigns this network issue to himself and starts working on it. After fixing the problem, Andrew opens the linked service desk incident ticket and leaves an internal comment asking Martin to try the network connection again. After receiving the internal comment, Martin verifies the network connection and tells the customer that the problem is resolved.

HK, thanks for this. So it certainly appears that I am wrong here based upon this text. I will say that the user roles is one of the most confusing parts of JSD and this is particularly true in Cloud where it has changed a few times now since launch.

Can you confirm if you are on cloud or server? You can add the appropriate tag to this thread to clarify. Always good to include that info.

I ran a test on my side to see if I can replicate your scenario. I added one of my customers to the Service Desk Team role. I noted that indeed under User Management they are not listed as an agent. I then requested that they log out and back in to see if they suddenly became an agent. It did not change.

So i'm perplexed by this at the moment and am going to dig in a bit more, starting first w/ locating definitions of the roles I see in my instance. I'm also going to ping some other champions/atlassian's to see if they can chime in here.

Thank you a lot for your commitment, @Jack Brickey!

I am using JSD server version 3.8.2. I will add the tag.

In your test your customer is also in JSW? And was your customer able to see the Jira portal or only the customer portal?
As I understand the text, they should be able to use the Jira portal without being an agent. Because they should be able to write only internal comments.

I have unchecked the box for application acces to my developer. After that he was still in the role Service Desk Team but was only able to get to the customer portal. There he was not able to see any ticket in the project - of course, because he is not in the customers organization.

Maybe I need to try the role Developer instead. This would make sence even if the text says something else.

thanks HK. Yes my user was a JSW user as well. I don't know what you mean by "Jira portal" there is only the customer portal. In any event I did not have them do anything other than log out and back in. TBH, i'm really trying to understand Project Roles and how they differ from a Group.

Can you look at your Permissions for this project and add a screenshot here. I'm interested in seeing what permissions the Service Desk Team has. In particular does Service Desk Team appear on 'agent' actions. A users abilities in a project are driven by the Permissions.

By the way HK this is an example of this topic frustrating me.

In this document it indicates that Service Desk Team is intended to be for agents. 

I continue to scratch my head on this.

Hello @Jack Brickey,

by "Jira portal" I mean the view of the agants. It is like the view in JSW where you have Dashboards, Reports, issue filters etc. That is why I call it "Jira portal". The restricted view  for our customers (announcements, create request types, search bar for knowledge base, view tickets with almost no filters) is what I call "customer portal".
So customer portal for customers, Jira portal for agents and probably for these ominous JSW users that should not be agents ;-)

Okay so to my permissions. I nearly use the default permissions so the role "Service Desk Team" is almost in every permission.

AND I noticed the existence of the "Service Desk Agent" permission only now!
Of course this permission is granted to the role Service Desk Team. That is also the default and so you are right Service Desk Team is intended to be for agents! This seems to be the problem than!

But what I don't understand is, that the document by Atlassian about how to "Involve Jira Software or Jira Core users" does not give a hint on that contradiction.

Sooo... I will try that out again. I will use another role and edit the permissions for this role!

Thank you @Jack Brickey for this important hint!

Hi HK! As for terminology you should refer to the agents view as simply the application view or agent view rather than portal so as not to confuse with customer portal. 

Regarding your observations for sure this area is confusing. I’m going to continue to investigate and understand this include reaching out to Atlassians if possible. Ultimately once I have a good understanding I’m going to write an article for the Community that hopefully will help clear the fog for others.

Our stuff is managed via LDAP. But per default they do not have application access. This (normally) has to be done manually.

I added the employee in the project settings of the specific project. Under users and roles, I added him to the role "SERVICE DESK CUSTOMERS" and also added him to the customers organization.

In the user management I have not found any jira groups marked as "Default".

Kind regards

Hi HK, do not search in user management, if you go into Application -> Application access, there you are going to be able to see the groups that are linked to acces to applications, check groups that the user is are not there because if the user is in a group that is linked to application access he is going to be able to acces Jira (for example jira-users).

Regards

Hi @laralg,

thank you for your explanation. The user is/was not in any of these groups under Application -> Application access when I added him to the project. In fact, he is in no group at all.

After he has send me the screenshot and I realized he suddenly is an agent, he was in the jira-servicedesk-users group. I removed him again. We will see if he mysteriously gets in there again :P

Regards

Do no forget to check in the application access screen there is a button on the top right that says Set defaults for new users!

Good luck"!

H. K,

No, JSD doesn't automatically create agents account.

You as the JSD admin can manually add agents to the role of Service Desk Team OR Invite them in which they'll be added to the SDT role.

In addition, agents can have licenses in order to work on tickets and comment on tickets. Agents can also NOT have a JSD license and still work on issues, however, their functions will be limited on what they can do on a ticket. E.g, they won't be able to comment on a ticket externally but internally.

victor