Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Jira AD sync issue

vishal03kadam
vishal03kadam May 2, 2019

Hi Team, 

In our case, we create a user object in AD and give permission to the Jira group. This used work in past now what has been observed is when we create an AD object and assignee an AD group (Jira) in AD, the user gets created in Jira internal directory but it does not get the Jira application permission which in past used to get automatically. The checkbox of Jira Application is unchecked now which was checked by default when a new user was created and assigned to Jira group in AD. I am unable to find what is going wrong were.   

Answer
Watch
Like Be the first to like this
501 views

1 answer

0 votes
Brant Schroeder
Brant Schroeder
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
May 2, 2019

It could be one of two issues:

  1. You changed your Jira user directory settings.  For the AD (LDAP) directory there is a setting to add user groups automatically.  You can set this up so it automatically applies the group you are using to provide a Jira license, jira-core-users for example.  You can learn more here: https://confluence.atlassian.com/adminjiraserver/connecting-to-an-ldap-directory-938847052.html?_ga=2.32066234.528327540.1556810616-1785046573.1549295491#ConnectingtoanLDAPdirectory-Groupschemasettings%C2%A0
  2. You changed what groups are able to access Jira. In Jira instances where I am connected to AD then usually I tie a certain AD group to users to manage licensing.  That group is provided access in Jira by managing group access to applications.  If you remove the group then individuals would loose access.  Learn more here: https://confluence.atlassian.com/adminjiraserver/manage-group-access-to-applications-938847042.html
View More Comments
Calderara Serge
Calderara Serge May 11, 2022

@Brant Schroeder , I have in same situation but in fact I think the explaination that user try to explain is same as in my case.$

I have an Azure AD synchromisation process wihich is done every 15mn, then all AD groups and users gets associate to this AD Directory which is set as READ ONLY.

What is happening in my case, is that when a user is created in Azure AD and associated to a group, when the AD sync occurs in Jira, it add correctly the new user and linked it to AD Directory BUT in addition it is added that same user as a phantom user in Jira Internal directory

This was not occuring before until we update our jira to 8.20 Data Center version

Why and how this user van be created in Internal Jira directory ?

It should not be added there unless Atlassian change the process and all user gets added to both ? which will be really stupid

Thnanks for your point of view

regarsd

Like
Brant Schroeder
Brant Schroeder
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
May 11, 2022

@Calderara Serge I am not aware of any changes.  If this is happening it might be do to a setting in AD that is now considered in the sync that was not before.  I would reach out to Atlassian support.  They will be able to see your full configuration in the support zip and should be able to tell from that why the phantom user is occurring.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events