I was surprised to findout that Jira users do not appear to be disabled when their accounts are disabled on LDAP.
Yes, they are not able to login anymore into Jira but still the other users do not see them as disabled users while browsing.
In fact it is even impossible to deactivate them if you are using LDAP, the option being available only when you user local directory.
The old way of "disabling" users was to remove all group memberships for the users but this is a very bad practice, as people may leave the company and return after, and sometimes this can even happen if they switch between temporary or permanent employee.
AD/LDAP has a good practice of maintaining the same account for everyone, for ever, only disabling them when people leave.
How can we solve this problem and be able to see the people left the company (diabled LDAP accounts) as disabled account in Jira.
This is essential because it allows people to reasign bugs to others when they see the "crossed" line above the disabled users.
JIRA now has the disabling of users feature. It should only be a matter of implementing https://jira.atlassian.com/browse/JRA-24937.
That is still unResolved at the moment!
Hi Sorin
This is a known improvement request:
LDAP Delegate: Synchronize with AD to disable deleted users > https://jira.atlassian.com/browse/CWD-2478
I encourage you to vote on the ticket above and add yourself as a watcher. In case of updates, you'll be notified by email.
However, perhaps you may try to create a custom BATCH script or any other customization for auto-update the JIRA memberships after monitoring LDAP actions. Don't forget to use the developers.atlassian.com as a reference regarding the JIRA structure.
Cheers,
Paulo Renato
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Actually, this is only for Crowd. You need to vote on JRA-24937 for direct JIRA LDAP/AD integrations.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
FYI:
JIRA uses the guts of Crowd as its User Management library.
Improvements to Crowd LDAP support will also turn up in JIRA.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
This should now be solved for AD directories: https://jira.atlassian.com/browse/JRA-30694
For other LDAP directories you should refer to: https://jira.atlassian.com/browse/JRA-34557
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.