Problem with user in LDAP

Marcela Junyent
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
May 9, 2019

I have a user in LDAP. I see it from my Jira Server instance (User management - Users). It doesn't have any groups. But when I click on Edit User Groups, the following message appears:

[Screenshot: ErrorJiraUSER.JPG]

Do you know what the problem is?

1 answer

0 votes
Andy Heinzer
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 10, 2019

Hi Marcela,

This is a weird one to see.  I'm still not sure exactly how your Jira managed to do this.  So far I haven't been able to recreate this exact scenario.  How could a user be a member of all groups and not a member of any groups at the same time?  The only weirdly semi-logical answer I can seem to find would be if there are no groups at all, but if that's true it just raises more difficult questions.  Let me try to explain:  Groups have to exist in Jira, they are the basis for application access, and are frequently used in many other facets like notifications schemes, permission schemes, global permissions, etc.

However, groups tend to be bound to the user directory they come from in Jira.  There is one notable exception: if your LDAP directory in Jira is set up with the option called Read Only with local groups, this option allows these LDAP users to have group memberships inside of groups that exist in the Jira internal directory.  Aside from that one exception, a user account has to get its group membership from groups that also come from that same directory.

OK, that said, it's also possible that you can sync users into Jira from LDAP, but not sync over any groups from that LDAP directory.  It's not common to do, because if you want to manage all these users from the LDAP side, Jira is going to need some way to place these users into a group. Without at least one group this user can be in, Jira can't even give the user account application access to sign in to Jira (not a problem if the user is only using the Jira Service Desk customer portal, as these don't require users to be licensed).

Tell us more about your user directory configuration in Jira. You can find this information in Jira's User Management -> User Directories -> Edit the directory in question 

  1. What "LDAP Permissions" setting does it have in Jira?  Read only, Read only w/ local groups, or Read/Write?
  2. Could you share with us the "Group Schema Settings" here?
  3. What version of Jira is this?
  4. If you have access to the SQL database Jira is using, try running the following queries and let me know the results.

select * from cwd_user where lower_user_name='johndoe';

and

select * from app_user where lower_user_name='johndoe';

Curious to learn more about this problem.

Andy

Marcela Junyent
May 10, 2019

Hi! Thanks!!! 

My answers would be:

1.- Microsoft Active Directory (Read Only, with Local Groups)

2.- Group schema Setting from LDAP? I don't have access. This must be checked with IT (I'll send it as soon as they tell me).

3.- 7.13.2

4.- I'm trying to access SQL database Jira, but I don't know how. I'll send it as soon as I find out.

Thanks for the help. I'm lost. Regards, Marce

Marcela Junyent
May 13, 2019

Additional information:

2.- Image attached

4.- select * from cwd_user where lower_user_name='eacuna';

display_name: Acuña Eduardo Ramón
lower_last_name: acuña
lower_display_name: acuña eduardo ramón
email_address: (blank)
lower_email_address: (blank)
CREDENTIAL: nopass
deleted_externally: 0
EXTERNAL_ID: ca496753a8a2ec4db7d6f597261c0ff8

select * from app_user where lower_user_name='eacuna';

ID: 15413
user_key: eacuña
lower_user_name: eacuña

Regards, Marcela

Andy Heinzer
May 14, 2019

Hi Marcela,

Thanks for this information.  I am afraid I don't see any attachment here, although you mentioned adding one here.

Is this problem only happening for this one user?  Or do you have other users with this same problem?

I suspect there might be a problem with the character 'ñ' in this user's name.  I would recommend walking through the steps in JIRA Application internationalisation and encoding troubleshooting.  It has some JVM startup arguments you can add to Jira to make sure the application itself is using the UTF-8 character encoding:

Start JIRA with the variable -Dfile.encoding=utf-8 and -Dsun.jnu.encoding=UTF-8. See Setting properties and options on startup.

I would start here and see if this helps make a difference here.  It might be the cause, but even if it is not, it's still good to check and make sure this isn't a problem.  If you still see this problem after trying this, I would be interested to see if we could take a look at a support zip from your environment to see if we can learn more about your system.

Andy
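
The last reply suspects the 'ñ' in this username and points at character encoding. The following is an added example, not code from the thread or from Atlassian: it classifies how two copies of a username differ (Unicode normalization, UTF-8 read as Latin-1, or accents only), which is the kind of mismatch that can keep a directory entry and a database row from lining up. The function names and the sample variants are constructed for illustration, built from the username shown in the thread.

```python
import unicodedata


def strip_accents(name):
    """Approximate an accent-insensitive comparison by dropping combining marks."""
    decomposed = unicodedata.normalize("NFD", name)
    return "".join(ch for ch in decomposed if not unicodedata.combining(ch))


def undo_mojibake(name):
    """Repair UTF-8 bytes that were decoded as Latin-1; return the input if that does not apply."""
    try:
        return name.encode("latin-1").decode("utf-8")
    except (UnicodeEncodeError, UnicodeDecodeError):
        return name


def classify(a, b):
    """Say why two username strings do or do not match."""
    if a == b:
        return "identical"
    nfc_a = unicodedata.normalize("NFC", a)
    nfc_b = unicodedata.normalize("NFC", b)
    if nfc_a == nfc_b:
        return "normalization"   # composed vs decomposed form of the same letter
    if undo_mojibake(nfc_a) == undo_mojibake(nfc_b):
        return "mojibake"        # one side was read with the wrong charset
    if strip_accents(nfc_a) == strip_accents(nfc_b):
        return "accent-only"     # equal only under accent-insensitive matching
    return "different"


# Constructed samples: variants of the username that appears in the thread.
STORED = "eacu\u00f1a"                                     # 'ñ' as one code point (NFC)
SAMPLES = {
    "decomposed": "eacun\u0303a",                          # 'n' + combining tilde (NFD)
    "wrong charset": STORED.encode("utf-8").decode("latin-1"),
    "ascii": "eacuna",                                     # value used in the WHERE clause
    "other user": "jdoe",
}

if __name__ == "__main__":
    for label, other in SAMPLES.items():
        print(f"{label:14} {other!r:18} -> {classify(STORED, other)}")
```
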
