Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Confluence & Anonymous Access: How to limit space admins ability to enable Anonymous Access?

Joseph Orellana
Joseph Orellana
Contributor
October 20, 2016

We are currently using Confluence with JSD and we would like to turn one Anonymous Access in order for the KB to work on public signup. We know how to enable Anonymous Access globally, but is there a way to limit space admins from turning on Anonymous Access? In other words, is there a way to strip space administrator from having the ability to enable Anonymous Access?

We tried creating a new group that does not have space admin permissions, but now those users cannot create space templates because they need to be a space admin to do so. 

Any help is greatly appreciated! Thanks! 

Answer
Watch
Like steve_evermore likes this
1144 views

3 answers

0 votes
Joseph Orellana
Joseph Orellana
Contributor
October 21, 2016

First off thanks for the responses, @Lameck Oliveira [Diferencial TI] & @Rob Woodgate. I really appreciate the help.

So, getting back to it, we actually have a space in Confluence that is dedicated for the JSD Knowledge Base and--once we decide how to manage Anonymous Access–this will be the one space that we want to have public, so to speak. So that is not the problem. 

The problem is actually two-fold: First, once we have Anonymous Access enabled globally, all Space Administrators will have the ability to allow there spaces to become Anonymously accessible. We solved this by creating a new group in our LDAP server and then delegating them all the permissions save for Space Admin rights. This solved our first problem.

However, in doing so, we ended creating a second problem in that space templates can only be created by those who are Confluence Administrators (not space admins). So, we are looking for a more granular approach in which we can give–what we call-- "Space Managers" the ability to create templates without the ability to enable Anonymous Access. 

@Rob Woodgate, do you know of a way to run a script to strip personal space admin rights? Or someone who does?

View More Comments
Rob Woodgate
Rob Woodgate
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 26, 2016

Hi Joseph,

I totally get that you want to prevent the possibility of space admins making their spaces accessible to anonymous users, but I think you're pushing the space admin model further than it's intended.

If someone is responsible enough to be a space administrator, then (within Atlassian's model) they are responsible enough to determine the permissions for the space.  As such, if you don;t want Anonymous mode turned on then space administrators need to be told that turning on Anonymous access is punishable by [insert appropriate punishment].  If they can't be trusted to adhere to this, they shouldn't have space admin privileges.  If you've removed space creation rights for everyone except Confluence Admins then this wouldn't be an issue anyway though.

However, you need to do what's right for your situation smile

To address your specific question, if this can be done by a site admin then I don't know how (but I'd be interested to learn).  Your best bet is probably to log a support request with Atlassian - they may be able to do something at the DB level, or tell you what you need to know about the table structure to amend the permissions yourself. 

Word of warning: Those type of changes would almost certainly be unsupported, so if you have a problem with them you'd have to pay a consultant to fix them.  Good luck, I hope you can find a solution that works for you.

Like
Reply
0 votes
Rob Woodgate
Rob Woodgate
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 21, 2016

Hi Joseph,

In short: No, you can't do this.  Assuming you've got Anonymous Access turned on globally, the only way to stop space admins being able to turn it on at space level is to switch off the Admin option in the permissions for the space.  But then they'll lose all of the other Admin privileges as well, which defeats the object!

Lameck's solution will unfortunately still give all space admins the ability to turn Anonymous Access on for their space.

A potential option you could try is to only allow site administrators to create spaces.  That would mean no personal spaces though, or only allowing personal spaces where the user doesn't have space admin privileges to their own space.  It would also mean the site admins would be the only space administrators, and you'd have to be willing to take on that extra level of work. 

Your question and use case seems perfectly sensible though.  It might be worth putting a request into Atlassian to add this functionality in?

Reply
0 votes
Meck
Meck
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 20, 2016

Hi Joseph,

You need setup a public space. https://confluence.atlassian.com/doc/setting-up-public-access-156.html

And only this is space is able to anonymous access.

You can read more here too https://confluence.atlassian.com/cloud/managing-anonymous-or-public-access-690849667.html#notfound

Regards.

Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.