How to auto-deactivate Jira users when using LDAP integration?

I was surprised to findout that Jira users do not appear to be disabled when their accounts are disabled on LDAP.

Yes, they are not able to login anymore into Jira but still the other users do not see them as disabled users while browsing.

In fact it is even impossible to deactivate them if you are using LDAP, the option being available only when you user local directory.

The old way of "disabling" users was to remove all group memberships for the users but this is a very bad practice, as people may leave the company and return after, and sometimes this can even happen if they switch between temporary or permanent employee.

AD/LDAP has a good practice of maintaining the same account for everyone, for ever, only disabling them when people leave.

How can we solve this problem and be able to see the people left the company (diabled LDAP accounts) as disabled account in Jira.

This is essential because it allows people to reasign bugs to others when they see the "crossed" line above the disabled users.

3 answers

1 accepted

This widget could not be displayed.

JIRA now has the disabling of users feature. It should only be a matter of implementing https://jira.atlassian.com/browse/JRA-24937.

That is still unResolved at the moment!

This widget could not be displayed.

Hi Sorin

This is a known improvement request:

LDAP Delegate: Synchronize with AD to disable deleted users > https://jira.atlassian.com/browse/CWD-2478

I encourage you to vote on the ticket above and add yourself as a watcher. In case of updates, you'll be notified by email.

However, perhaps you may try to create a custom BATCH script or any other customization for auto-update the JIRA memberships after monitoring LDAP actions. Don't forget to use the developers.atlassian.com as a reference regarding the JIRA structure.

Cheers,

Paulo Renato

Actually, this is only for Crowd. You need to vote on JRA-24937 for direct JIRA LDAP/AD integrations.

FYI:

JIRA uses the guts of Crowd as its User Management library.

Improvements to Crowd LDAP support will also turn up in JIRA.

This widget could not be displayed.

This should now be solved for AD directories: https://jira.atlassian.com/browse/JRA-30694

For other LDAP directories you should refer to: https://jira.atlassian.com/browse/JRA-34557

Suggest an answer

Log in or Sign up to answer
Atlassian Summit 2018

Meet the community IRL

Atlassian Summit is an excellent opportunity for in-person support, training, and networking.

Learn more
Community showcase
Posted Wednesday in Teamwork

What teamwork quotes inspire you?

Hey everyone! My name is Natalie and I'm an editor of the Atlassian Blog and I've got a question for you: What's your favorite quote about teamwork?  We've compiled a list here, along with...

125 views 15 7
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you