Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Next challenges

Recent achievements

  • Global
  • Personal


  • Give kudos
  • Received
  • Given


  • Global

Trophy case

Kudos (beta program)

Kudos logo

You've been invited into the Kudos (beta program) private group. Chat with others in the program, or give feedback to Atlassian.

View group

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Problem with user in LDAP

I have a user in LDAP. I see it from my JIra Server instance (User management - Users). It doesn't have any groups. But when I click in  Edit User Groups. the following message appears:


Do you know what the problem is?


1 answer

0 votes
Andy Heinzer Atlassian Team May 10, 2019

Hi Marcela,

This is a weird one to see.  I'm still not sure exactly how your Jira managed to do this.  So far I haven't been able to recreate this exact scenario.  How could a user be a member of all groups and not a member of any groups at the same time?  The only weirdly semi-logical answer I can seem to find would be if there are no groups at all, but if that's true it just raises more difficult questions.  Let me try to explain:  Groups have to exist in Jira, they are the basis for application access, and are frequently used in many other facets like notifications schemes, permission schemes, global permissions, etc.

However groups tend to be bound to the user directory they come from in Jira.  There is one notable exception; if your LDAP directory in Jira is setup with the option called Read Only with local groups, this options allow these LDAP users to have group memberships inside of groups that exist in the Jira internal directory.  Aside from that one exception, a user account has to get its group membership from groups that also come from that same directory.

Ok, that said, It's also possible that you can sync users into Jira from LDAP, but not sync over any groups from that LDAP directory.  It's not common to do, because if you want to manage all these users from the LDAP side, Jira is going to need some way to place these users into a group. Without at least one group this user can be in, Jira can't even give the user account application access to sign in to Jira (not a problem if the user is only using the Jira Service Desk customer portal, as these don't require users to be licensed).

Tell us more about your user directory configuration in Jira. You can find this information in Jira's User Management -> User Directories -> Edit the directory in question 

  1. What "LDAP Permissions" setting does it have in Jira?  Read only, Read only w/ local groups, or Read/Write?
  2. Could you share with us the "Group Schema Settings" here?
  3. What version of Jira is this?
  4. If you have access to the SQL database Jira is using try running the following queries and let me know the results.

select * from cwd_user where lower_user_name='johndoe';


select * from app_user where lower_user_name='johndoe';

Curious to learn more about this problem.


Hi! Thanks!!! 

My answers would be:

1.- Microsoft Active Directory (Read Only, with Local Groups)

2.-  Group schema Setting from LDAP? I don't have acces. This must be check with IT (I'll send it as soon as they tell me.

3.- 7.13.2

4.- I'm trying to access SQL database Jira,  but I don't know how. I'll send it as soon as I found out.

Thanks for the help. I'm lost. Regards, Marce

Additional information: 


2.- Image attached


4.- select * from cwd_user where lower_user_name='eacuna';


Acuña Eduardo Ramón




acuña eduardo ramón












select * from app_user where lower_user_name='eacuna';








Regards, Marcela

Andy Heinzer Atlassian Team May 14, 2019

Hi Marcela,

Thanks for this information.  I am afraid I don't see any attachment here, although you mentioned adding one here.

Is this problem only happening for this one user?  Or do you have other users with this same problem?

I suspect there might be a problem with the character 'ñ' in this user's name.  I would recommend walking through the steps in JIRA Application internationalisation and encoding troubleshooting.  It has some JVM startup arguments you can add to Jira to make sure the application itself is using the UTF-8 character encoding:

Start JIRA with the variable -Dfile.encoding=utf-8 and -Dsun.jnu.encoding=UTF-8. See Setting properties and options on startup.

I would start here and see if this helps make a difference here.  It might be the cause, but even if it is not, it's still good to check and make sure this isn't a problem.  If you still see this problem after trying this, I would be interested to see if we could take a look at a support zip from your environment to see if we can learn more about your system.


Suggest an answer

Log in or Sign up to answer

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you