This is a complex question, so please feel free to share your any considerations or proposals where I should look for any relevant/actual info.
CLOUD JIRA = CJ
SERVER JIRA = SJ
User management features/ behaviour is under discussion.
1) What is the difference between CJ remove user and SJ delete user? From BA view and software point of view.
- If we are looking for a deleted user by using CJ API, this user will be returned and we can get access to user Full name/mail/username. In a case of SJ API, it will resolve this user as NOT EXISTING user and everything that we can get this is user USERNAME. In short, for SJ deleted user will be hard deleted, for CJ user is still present.
2) What is the difference between removed/deleted CJ SJ user and inactive/disabled CJ SJ user? From BA view and software point of view.
- CJ API and SJ can return info about users if they are disabled.
3) Who can make user disabled? or what makes user disabled?
4) What information SJ will store? in case
- user was disabled/deactivated
- user was deleted
What information CJ will store? in case
- user was disabled/deactivated
- user was removed
Welcome to the Atlassian Community!
It is worth understanding the underlying Jira user structures here.
An account identifies a user to Jira. Jira needs this for tracking what people do, who is assigned to what, who to email, who can do what in various places and so on.
To do this, it needs a user directory to work with (a list of users with some data about who they are, name, email, etc)
Various Jira systems do this in different ways.
Directory | Server/DC | Cloud | |
Internal | Y | N | Directory built into Jira |
External | Y | N | AD, LDAP, Crowd, etc |
Atlassian ID | N | Y | The external account we are using to post here! |
Google Accounts | N | Y | Mostly just a linked Atlassian ID |
External via Atlassian Access | N | Y | AD, LDAP, Crowd, etc |
So, you'll notice one immediate difference between Cloud and Server - Cloud does not hold it's own accounts.
Server/DC accounts are added to your system, they exist within it.
Cloud accounts are not added, they are granted access.
When you delete a Server/DC account, it's gone, you've destroyed it. There's nothing for Jira to report on any more. (which is why the standing advice is "do not delete" - it destroys your tracking information.
You can't delete Cloud accounts - they don't belong to Jira. But you can remove their access.
Deactivate works roughly the same in both. You put (or remove, I can't remember which without looking again at a Jira database) a flag on the account that says, "this account cannot use the system any more". It does not destroy any data, and you can still report on it.
Hi Nic, I'm currently looking for official information on how user at-mentions and assignations react to the deactivation and deletion of cloud accounts. Then I bumped into your thread here.
And I need to add that via Atlassian Access you can delete entire cloud accounts. Of course, this only applies to managed accounts. Then it's gone.
Do you have good sources I can send a customer for explaining the consequences in JS, JSM and CON when users are deactivated vs. deleted?
Thanks,
Martin
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.