Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Jira application access error due to rename in LDAP using crowd connector

James M
James M January 7, 2019

I had granted a group application access in Jira. For example, <sample, group> 

The group's name was altered in the LDAP with changes to its display name and CN to the updated <sample-group> 

When I tried to grant another group application access, Jira threw an error stating that the <sample, group> was no longer found. This error would only allow the admin to refresh the application access page but since no changes had been made, the error would just trigger again. 

What would be the best way to remove this group from application access since the web interface does not allow any manual changes?

 

Jira 7.12.1, Crowd 3.2.2

Answer
Watch
Like Be the first to like this
559 views

1 answer

0 votes
Earl McCutcheon
Earl McCutcheon
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 8, 2019

Hi Albaro,

Thanks for reaching out and this behavior is tied into the following BUG:

When you renamed the Group the application access is looking for a group by the name of that group that was initially added to the app access page under the "group_id" column of the "licenserolesgroup" table in the DB.  Since it was renamed that specific name no longer exists in the directory and triggers this conflict as though it has been deleted as noted in the BUG report.

We just did a bit of testing on this as well, and found the following workarounds that do not require any downtime to correct (I am Also updating the BUG to reflect this information which should be visible shortly):

  1. You can (on the AD/LDAP side)  Revert the group name change and synchronize, rather than the DB edit noted on the BUG and the error is no longer triggered.  as an EXE: the group "user" was added to app-access and then changed to "sample-group" in AD/LDAP, renaming it back to "user" and synchronize, corrects the issue
  2. if you want to maintain the new empty group and add it to application access to replace the old group create a new group with the original group name that is stuck on the App access page and synchronize, this will bypass the error and allow access to the application access page so you can remove the no longer used group, and add in the desired updated group name.  once complete remove the empty group from ad to clear up the clutter.

Regards,
Earl

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.