Delete users from a deleted LDAP

Olivier Lottin September 21, 2022

Hello,

We have a locally hosted Jira Software, and we had an AD migration following the acquisition of our company.
The problem is that some disabled AD accounts from the old LDAP had not been deactivated from Jira access (Access to the application: Jira Software had not been unchecked on the profile).
And those disabled AD accounts have not been recreated in the new LDAP server.

So the user who remains in Jira is therefore a user of the old system who is no longer accessible.

And so we can no longer uncheck this box for access to the application.
We have the following error message:

com.atlassian.crowd.exception.runtime.OperationFailedException: org.springframework.transaction.CannotCreateTransactionException: Could not create DirContext instance for transaction; nested exception is org.springframework.ldap.CommunicationException: OldDomainControler:389; nested exception is javax.naming.CommunicationException: OldDomainControler:389 [Root exception is java.net.UnknownHostException: OldDomainControler]

The problem is that the user is still using an "Access to the application: Jira Software" license even though it no longer exists, and due to the limit on the number of licenses locally I can't add new users to connect to Jira.

Is there a way to uncheck this box and make the used license available?
Without necessarily deleting the user, but at least being able to release the access license.

Thank you.

1 answer

0 votes
Andrew Laden
Rising Star
September 21, 2022

Is the user showing as disabled in Jira? I don't believe disabled users consume a license even if they would otherwise be granted access.

Did you grant licenses individually, or did you rely on some group membership to grant the license? If you used groups, you should see if you can remove the user from the group in Jira.

A lot of this will really depend on how you set up your LDAP integration, and your application licensing.

Olivier Lottin September 22, 2022

Hello,
The user does not appear as disabled.
It appears active, that's the problem.
Because in the old AD, the user had just left the company before the migration, his account was not deactivated in the old AD, but was not created in the new AD.
So this user does not exist anymore.
And the old domain controller does not exist anymore.
It is impossible to remove the user from a group or to uncheck the box 'Jira software' on his profile.
In the configuration of the LDAP user directory, the default group membership is indicated as jira-users, not jira-software-user (users in jira-software-user are manually managed).
This user is also in the jira-administrator group and I can't delete it.

Andrew Laden
September 22, 2022

In the settings for your user directory configuration, under advanced settings, do you have the "Enable Incremental Synchronization" checkbox checked?

If you do, try unchecking it and running another sync. See if that clears things out.

You can also try checking off "Manage User Status Locally" and "Filter out expired users".

See if any of those settings help.
