It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

How to auto-deactivate Jira users when using LDAP integration?

I was surprised to findout that Jira users do not appear to be disabled when their accounts are disabled on LDAP.

Yes, they are not able to login anymore into Jira but still the other users do not see them as disabled users while browsing.

In fact it is even impossible to deactivate them if you are using LDAP, the option being available only when you user local directory.

The old way of "disabling" users was to remove all group memberships for the users but this is a very bad practice, as people may leave the company and return after, and sometimes this can even happen if they switch between temporary or permanent employee.

AD/LDAP has a good practice of maintaining the same account for everyone, for ever, only disabling them when people leave.

How can we solve this problem and be able to see the people left the company (diabled LDAP accounts) as disabled account in Jira.

This is essential because it allows people to reasign bugs to others when they see the "crossed" line above the disabled users.

3 answers

1 accepted

3 votes
Answer accepted

JIRA now has the disabling of users feature. It should only be a matter of implementing https://jira.atlassian.com/browse/JRA-24937.

That is still unResolved at the moment!

Hi Sorin

This is a known improvement request:

LDAP Delegate: Synchronize with AD to disable deleted users > https://jira.atlassian.com/browse/CWD-2478

I encourage you to vote on the ticket above and add yourself as a watcher. In case of updates, you'll be notified by email.

However, perhaps you may try to create a custom BATCH script or any other customization for auto-update the JIRA memberships after monitoring LDAP actions. Don't forget to use the developers.atlassian.com as a reference regarding the JIRA structure.

Cheers,

Paulo Renato

Actually, this is only for Crowd. You need to vote on JRA-24937 for direct JIRA LDAP/AD integrations.

FYI:

JIRA uses the guts of Crowd as its User Management library.

Improvements to Crowd LDAP support will also turn up in JIRA.

Like Iftekharul Hoque likes this

This should now be solved for AD directories: https://jira.atlassian.com/browse/JRA-30694

For other LDAP directories you should refer to: https://jira.atlassian.com/browse/JRA-34557

Suggest an answer

Log in or Sign up to answer
Community showcase
Posted in United States

Welcome new members!

Wow, I got swamped and now that I've finally gotten my head back above water, I find we have several new members! Welcome @Darren Keith lowman , @Amanda Babb , @Luis Zapata , @Joli Holmes , and @bh...

24 views 0 2
View post

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you