Trying to setup a new permission scheme to ensure an external supplier can access the relevant project only. I have followed the instructions provided to manage project permissions and project role membership, but as soon as i remove the default permissions scheme the user is unable to login to Jira. When both schemes are added the used has access to all projects.
Any help will be greatly appreciated.
There's two things to check here.
First, go into Admin -> global permissions. Here, you need to look at "who can log into Jira" - that determines who can log into the system, and is usually set to "jira users" (and admins, of course!)
Secondly, there's the permission scheme for each project. I suspect you've actually got most, if not all, of this right, but you've stumbled into the usual trap and used the default of "the group called jira-users can do things"
The thing I'm going for here is that I suspect you've accepted the (annoyingly bad) defaults and accidently mixed up "can log in" with "can do stuff" groups. I'm afraid you'll need to unpick jira-users from your permissions scheme (ideally, set up the group jira-users to do *nothing* other than "can log in").
Oh, bother, OnDemand again, I'm sorry, I didn't notice that.
I think that's all done to off-the-shelf setup, so I suspect they'll simply ask you to remove jira-users from all your permission schemes. (This isn't actually a bad thing, worth dealing with now rather than later - I always recommend having a group for "can log in, but do absolutely nothing else" so you can have confidence in your permissions)
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG