I have a question concerning Atlassian Cloud Enterprise.
My customer has Atlassian Enterprise with multiple sites. The users are provisioned using Atlassian Access and Azure Active Directory (they are all in single directory). The customer has multiple sites.
How to limit user access to certain sites. User A should have only access to site1. So if I go to site2 and try to mention the user or assign him a ticket, the user should not be visible. The user must not be able to access the site2.
Thank you for your answers.
Atlassian does not do general access by restriction, it does it permissively. That is you say "this person can", rather than "this person can not".
To do this, the applications all have a simple rule - they have a list of user groups that say "a person in this group is a user of this application". By default, the applications have a single group for this, and it's usually clearly named - confluence-users, jira-software-users etc.
In a multi-instance site such as yours, if you've gone with the defaults, then you'll have set up a situation where all your people are in a set of directories that name them as "jira users". It's quite likely that Jira-1, Jira-2 and Jira-3 are all using the default "jira users" group, so everyone who needs to use any of your Jira systems is added in that group and hence ends up with access to all of them.
To change this, you'll need to do some restructuring. By all means, leave the jira users group as it is, but for a Jira system that should not be letting some people be users, change the access model. Set it up so that it only recognises people of a different group as being its users. I mean, do something like create and populate groups like jira-1-users, jira-2-users, jira-3-users, and then change Jira-1's "application access" so that it uses jira-1-users to say who can use it, and similarly for the others.
Thanks Nic. The problem is with users provisioned with Atlassian Access and Azure active directory. I contacted Atlassian support and they confirmed that even with limiting access of certain users to certain sites, these users might be searchable under sites where they don't have access to. There is a ticket to fix this: https://jira.atlassian.com/browse/ACCESS-977
Hope it will be fixed very soon to increase the acceptance for enterprise customers
For JSM June Challenge #2, share how your non-technical teams like HR, legal, marketing, finance, and beyond started using Jira Service Management! Tell us: Did they ask to start using it or...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events