Are you in the loop? Keep up with the latest by making sure you're subscribed to Community Announcements. Just click Watch and select Articles.

×
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Join now to unlock these features and more

Delete users from a deleted LDAP

Edited
Olivier Lottin
Olivier Lottin Sep 21, 2022

Hello,

We have a locally hosted jira software, and we had an AD migration following the acquisition of our company.
The problem is that some disable AD accounts from the old LDAP had not been deactivated from Jira access (Access to the application: Jira Software had not been unchecked on the profile).
And those disable AD account have not been recreated in the new LDAP server.

So the user which remains in Jira is therefore an user of the old system who is no longer accessible.

And so that we can no longer uncheck this box of the access to the application.
We have the following error message:

com.atlassian.crowd.exception.runtime.OperationFailedException: org.springframework.transaction.CannotCreateTransactionException: Could not create DirContext instance for transaction; nested exception is org.springframework.ldap.CommunicationException: OldDomainControler:389; nested exception is javax.naming.CommunicationException: OldDomainControler:389 [Root exception is java.net.UnknownHostException: OldDomainControler]

The problem is that the user is still using an access to the application: Jira Software license even though it no longer exists. and due to limitation of the number of license locally i can't add new user for connect to Jira.

Is there a way to uncheck this box and make the used license available ?
Without necessarily deleting the user, but at least being able to release the access license.

Thank you.

Answer
Watch
Like Be the first to like this
342 views

1 answer

0 votes
Andrew Laden
Andrew Laden
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
Sep 21, 2022

Is the user showing as disabled in jira? I don't believe disabled users consume a license even if they would otherwise be granted access.

Did you grant licenses individually, or did you rely on some group membership to grant the license? If you used groups, you should see if you can remove the user from the group in jira. 

A lot of this will really depend on how you set up your ldap integration, and your application licensing.

View More Comments
Olivier Lottin
Olivier Lottin Sep 22, 2022 • edited

Hello,
The user does not appear as disabled.
It appears active, that's the problem.
Because in the old AD, the user had just left the company before the migration, his account was not deactivated in the old AD, but was not created in the new AD.
So this user does not exist anymore.
And old domain controller does not exist anymore.
Impossible to remove the user from a group or to uncheck the box 'Jira software' on his profile.
In the configuration of the LDAP user directory it is indicated the default group membership = jira-users. not jira-software-user (user in jira-software-user is manually manage)
This user is too in jira-administrator group and i can't delete it

Like
Andrew Laden
Andrew Laden
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
Sep 22, 2022

In the settings for your user directory configuration, under advanced settings, do you have the "Enable Incremental Synchronization" checkbox checked?

If you do, try unchecking it and running another sync. See if that clears things out.

You can also try checking off "Manage User Status Locally" and "Filter out expired users"

See if any of those settings help

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira Software
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

See all events