Remove unlicenced user icons

Hi @Ste Wright , thanks for the response.

Yep, I've already deleted the user account, however it does not show as Former User per the screenshots in the page you shared.  Unless I've done something wrong.  I just searched for that user in Atlassian/Admin/Users and no user exists.

Also, when I click on the AC icon the following is displayed:

The copy page does remove the unlicenced user, however this is not fit for our purpose as I lose Page History (which is a requirement to view versions, published, changed by and reason for change (under comments).  It's ok, we can live with how it currently is.

Speaking of which (sorry this is a different topic) but is there a feature to add another column to the Page History?   Our customers always complain that the only missing information is the Authorised By information. 

Hi @jack 

I'd contact Atlassian Support about the Former User issue; to get their direct view on whether this is expected behaviour.

Let us know what they say!

---

For Page History, I'm not sure what you mean by Authorised By - can you clarify how this user would be populated?

However, customisations for the Page History is not something I'm aware of that is coming based on the public roadmap, you can either...

• Check if there's a suggestion for this on the feature request site, and create one if not
• Check if a Marketplace App would meet your needs

Ste

Ok, thanks @Ste Wright 

The Authorised By would be a manual text entry along with a date of approval.  However, I think a couple of those apps in the Marketplace would do the trick.  I'll test them out.   Thanks for that :) 

Additional info:  As part of quality management, all documents need to have versioning, change details including reason, changer's name and date and approver's name and date.

Hi @jack , @Ste Wright 

This seems to be a real problem regarding data privacy regulation, so I also would prefer a fix for this. If some external auditor is picky, this can lead to the point where at least in the EU because of GDPR / DSGVO, we have to discuss if use of Confluence is allowed.

How I did verify this in my instance and can confirm the issue:

• Some user, let's call him "steve.urkel", created a page
• When opening the page, Confluence shows the "ST" icon as page creator
• When hovering the mouse over the icon, a tooltip is shown that contains the username "steve.urkel"
• Now I delete the user what must result in all personal data (that includes not only the mail address, but also the username) being deleted
• When opening the page again, the icon with "ST" is still shown, that is fine because only initials (however, this is "area of grey", some lawyer might object)
• However, when hovering the mouse over the icon, the tooltip with username is still shown, followed by "unlicensed")

From my understanding, the tooltip must not contain the username since this is personal data of someone where we are no longer allowed to have and show this data.

I verified this with a user that was deleted over a month ago, so this is probably not a caching issue.

@Ste Wright As a community leader, you probably have better access to Atlassian as I, so I ask you to forward this to them and maybe explain so they see and understand the problem.

Thank you

Harald

Hi @Harald Seyr 

You're better to contact Support as I mentioned above - https://support.atlassian.com/

Whilst I'll mention this to Atlassian, you're better to request direct assistance so they can divert you to the appropriate team :)

Ste

I agree with @Harald Seyr - 

We cannot have people's names showing anywhere, that the user account has been deleted and that they don't work for the company anymore and don't want their name displayed.

We are also undertaking ISO 27701 Privacy Management System - we do not have the permission of ex-contractors and ex-employees to keep their names on display for other staff members to see.

I have raised a support ticket with Atlassian hoping they take this matter seriously and get their developers to resolve this matter urgently.

I have also reported this to support, including a screen capture video showing the issue. Support already contacted me to schedule a screen sharing session for tomorrow. 

I will post news here as they develop.

Ok, thanks Harald - I appreciate it.

Hi,

as promised, here comes the update after some ticket notes back and forth, followed by a video call:

• The system works as designed
• The design of the system is that by default and in my instances, users are created as "unmanaged" users, that means
  • a user is created in some global user base that is "for all atlassian"
  • the user in the global base gets access rights to the instances
  • an admin does not delete the user when removing it from the instance, he deletes only the access rights
  • so the user is still present in the global dictionary
  • Since user does still exists, the user name is shown in the tooltip
  • Only after the user himself actively deletes the own account, the data is really deleted thus (at least that is what Atlassian claims) also the user name is not shown anymore
• As a workaround, the admin can "claim a domain" what
  • requires to add some TXT record with data provided to the DNS entry of the domain
  • Then the admin can really delete the users with email addresses with the claimed domain from the global user base
  • Limitation is that for domains where the admin cannot add TXT records to the DNS, this will not be possible
• There is a feature request pening at [CONFCLOUD-69410] allow admins to control former users - Create and track feature requests for Atlassian products. since 2020 that everyone that requires the feature can vote for
• At the moment, nothing will be changed by Atlassian

Regards,

Harald

Hi @Harald Seyr ,

Thanks for sorting this and the writeup!

Thanks for the update @Harald Seyr

Apologies for my lack of technical comprehension as I don't really understand the state of play, nor how to handle the workaround.

I deleted the user from Atlassian so I'm confused why their name keeps appearing in Confluence pages.  At the very least, I would prefer it to display "former user" if it can't be removed all together.

I am in comms with Atlassian Support.

Cheers

@jack

As I understood Atlassian support, as admin, you cannot delete a user in sense of removing it from user base.

Maybe this is your impression or perception, but actually, you deleted only the users access rights to your site.

The user itself is still present in Atlassian user base. Only the user himself can delete the own account.

There is the workaround to extend your administration "power" by claiming a whole domain, this enables you as admin to actually delete the users, but only those who have provided an email address from the domain your claimed.

Regards,

Harald

Yup - I've been in contact with Atlassian support and it seems only Org admin can delete fully the account