delete users from the internal directory causes permissions to disappear (also in the LDAP director

红旗公 May 16, 2020

We have a batch of accounts in the internal directory that are also in an external LDAP directory (the same account keys are in the internal directory and the LDAP directory).

Users in the LDAP external directory have joined the local group.

For security reasons, we will remove them from the internal directory.

1. Disable LDAP

2. Delete LDAP

3. Delete user

4. Add the directory of LDAP's outgoing users (keep consistent with the deleted LDAP) and synchronize

We found that the users from the synchronized LDAP are no longer in the local group, and their permissions on the space pages have disappeared.

How could this happen? Is this the expected result?

Confluence Server, version 7.0.1.

1 answer

0 votes
Diego
Atlassian Team
May 22, 2020

Hello @红旗公 ! As I understand, you have the following situation:

  1. A Confluence Server instance
  2. The instance has local users (Internal User Directory)
  3. A user directory was synchronized to Confluence
  4. Users that exist in both internal and external user directories have been removed from the internal directory
  5. The user permissions and group memberships have been completely removed

 

In short, this is the expected behavior if both Internal and External users have the same username. Deleting users is a non-reversible action.

For each user that is synchronized from an external directory, Confluence will create a new and different user_key for that specific user.

When you have an Internal User and an External User that have the same user name, those accounts will be merged under the user_key for the already existing Internal User.

When you delete this internal user, that user key is no longer associated with an existing user.

Deleting the Internal User triggers Confluence to create a new user as soon as the External Directory user logs in. Now that Confluence has given a new user_key to that user from the External Directory, no permissions will be present; they will need to be reinstated for the user.

 

Here is a step by step of what happens:

  1. Creates a new user in Confluence Internal Directory
  2. Confluence creates new unique user_key
  3. Synchronizes External Directory with Confluence
  4. Confluence merges Internal and External user accounts that have the same username
  5. Those accounts now share the same user_key inside Confluence
  6. User is deleted from the Internal Directory
  7. That specific user_key is now associated with a deleted user (non-existent user)
  8. User logs in using credentials from External Directory
  9. Confluence synchronizes data between the Internal and External directories
  10. Confluence detects the user from the External Directory as a new user
  11. Confluence creates new user_key for the user
  12. No permissions are present for that user because Confluence sees it as a new and different user

 

 

You can check more about User Account Merging for Confluence server and user deletion here:

 

However, if the users did not share the same user name this should not happen. Confluence should treat them as different users. Let me know if that is the case.

 

Looking forward to your reply.
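
A pre-deletion audit for the situation described in the answer above, as an added example that is not part of the original thread and is not Atlassian's code: it lists usernames that exist in more than one user directory, the user_key they share, and the group memberships and direct space permissions that would have to be reinstated. The table and column names (cwd_user, cwd_directory, cwd_group, cwd_membership, user_mapping, spacepermissions) are assumptions about the Confluence Server schema, reduced to the columns used, and the rows are constructed sample data loaded into an in-memory SQLite database.

```python
import sqlite3

# Table and column names follow the Confluence Server schema as assumed for
# this example; confirm them against your own database before relying on it.
SCHEMA = """
CREATE TABLE cwd_directory (id INTEGER PRIMARY KEY, directory_name TEXT);
CREATE TABLE cwd_user (id INTEGER PRIMARY KEY, lower_user_name TEXT, directory_id INTEGER);
CREATE TABLE cwd_group (id INTEGER PRIMARY KEY, group_name TEXT);
CREATE TABLE cwd_membership (parent_id INTEGER, child_user_id INTEGER);
CREATE TABLE user_mapping (user_key TEXT PRIMARY KEY, lower_username TEXT);
CREATE TABLE spacepermissions (permid INTEGER PRIMARY KEY, permusername TEXT, permtype TEXT);
"""
# Constructed sample rows: alice exists in both directories, bob only in LDAP.
SAMPLE = """
INSERT INTO cwd_directory VALUES (1, 'Internal'), (2, 'LDAP');
INSERT INTO cwd_user VALUES (10, 'alice', 1), (20, 'alice', 2), (21, 'bob', 2);
INSERT INTO cwd_group VALUES (100, 'confluence-users'), (101, 'space-admins');
INSERT INTO cwd_membership VALUES (100, 10), (101, 10), (100, 21);
INSERT INTO user_mapping VALUES ('key-alice', 'alice'), ('key-bob', 'bob');
INSERT INTO spacepermissions VALUES (1, 'key-alice', 'VIEWSPACE'), (2, 'key-alice', 'EDITSPACE');
"""
# Usernames present in more than one directory: one user_key serves both rows.
AUDIT = """
SELECT u.lower_user_name, m.user_key, d.directory_name, g.group_name,
       (SELECT COUNT(*) FROM spacepermissions p WHERE p.permusername = m.user_key)
FROM cwd_user u
JOIN cwd_directory d ON d.id = u.directory_id
LEFT JOIN user_mapping m ON m.lower_username = u.lower_user_name
LEFT JOIN cwd_membership cm ON cm.child_user_id = u.id
LEFT JOIN cwd_group g ON g.id = cm.parent_id
WHERE u.lower_user_name IN (SELECT lower_user_name FROM cwd_user
      GROUP BY lower_user_name HAVING COUNT(DISTINCT directory_id) > 1)
ORDER BY u.lower_user_name, d.directory_name, g.group_name
"""

def audit_shared_accounts(conn):
    """Return {username: {user_key, direct_space_perms, groups: {directory: [names]}}}."""
    report = {}
    for name, key, directory, group, perms in conn.execute(AUDIT):
        entry = report.setdefault(name, {"user_key": key, "direct_space_perms": perms, "groups": {}})
        members = entry["groups"].setdefault(directory, [])
        if group is not None:  # a directory row with no memberships yields NULL
            members.append(group)
    return report

def sample_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA + SAMPLE)
    return conn
```

Run the AUDIT query read-only against a copy of the production database and keep the output, so the listed memberships and permissions can be re-applied after the directory change.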
