Users lose access from groups

Licencing Licencing April 15, 2020

Hi Community people, 

 

Hope you are all well and safe. I face an issue with JIRA Server 7.12.1, my user management is under LDAP sync and lately random users are removed from their groups, even jira-users and they do not have access to JIRA. Any suggestions ?

1 answer

1 accepted

0 votes
Answer accepted
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
April 15, 2020

There's broadly two things that can cause this

LDAP synchronisation is failing - you'll need to test it in the directory screen and check the logs for sync errors

Your directory administrators have genuinely removed the people from their groups

Kacper Goleń December 28, 2020

Hi. Where I can find the logs? Somewhere in Jira logs, or LDAP?

Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
December 28, 2020

Both, possibly.

The jira application log should record any LDAP sync errors, that's <jira home>/log/atlassian-jira.log.  They might point you to errors on the LDAP side though, then you'd need to read the LDAP logs.

Kacper Goleń December 29, 2020

Can you possibly give me one more hint?
I know where logs are. However, when I open this log file with

tail -f atlassian-jira.log

and test "Remote Directory Connection" I can't see new logs in this file.

I believe that's because of the wrong "Logging Level". https://<jira_address>/secure/admin/ViewLogging.jspa

Do you know which Package Logging Level I should change to see more logs?

Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
December 29, 2020

The test not throwing any errors is expected if it passes the test - it is just a "can I connect to and authenticate with this LDAP connection", it's not trying to actually get any data.

You'll need to try a full synchronisation, or look for errors thrown by the previous ones.

Kacper Goleń December 29, 2020

@Nic Brough -Adaptavist- 

Thanks for all advices. 

Suggest an answer

Log in or Sign up to answer