Hello. I am a user of the JIRA DATA CENTER product. I am currently using an Active Directory server to retrieve only users as read-only, and I have applied logic to delete the corresponding data from cwd_membership of the DB through SQL to exclude certain users from certain groups. However, even after removing the permission, the result is that the user is logged in and is still added to certain groups. I am curious about the logic that JIRA DATA CENTER uses to manage group permissions and licenses.
[reference img - DB]
[reference img - GUI]
In addition, my goal is to develop an automated system that regularly reclaims unused user licenses.
Hi and welcome to the community,
so if I understand correctly, you're pulling users from your Active Directory to Jira/Confluence including their group memberships. Once they're pulled in, you delete certain group memberships through the database. And the main issue is that the users can still log in and consume a license. Have I summarized this correctly?
To approach this topic in stages:
Filter Users and Groups
My first suggestion would be to look into User and Group filters for your Active Directory connectors. This way you can control which users and which groups are actually pulled from the AD. If left at default, all users and groups are pulled which can be way more than you would like to have in Jira / Confluence.
You can find more information on this here: https://confluence.atlassian.com/adminjiraserver/reducing-the-number-of-users-synchronized-from-ldap-to-jira-applications-938847054.html
In order to filter, you will need a filter query for which it's helpful to have an AD admin around. :-)
Default Group Memberships
It is common (or even the default setting) that users that are synced from your Active Directory are added to the provided default group when they log in for the first time. For both Jira and Confluence this is also the default group that grants licenses.
If you performed the filtering from the previous step and you still don't want specific users to get a license once they log in, I would propose to either leave this field empty or add a group in there that doesn't grant a license.
You can find more information on that on the following page: https://confluence.atlassian.com/adminjiraserver/connecting-to-an-ldap-directory-938847052.html
Autoremoving licenses
Depending on whether you want to manage the licenses through Active Directory (either User Filtering or membership in a certain group) or if you want to do this in Jira, you would have to take different approaches.
I would not encourage deleting things in the database. Instead you could use an app like Script Runner or a more specific app for license management to revoke licenses depending on certain criteria (like inactivity).
I hope this helps and I'm happy to go deeper in any of the topics if you have follow-up questions.
Greetings
Philipp
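The user filter suggested in the answer above, sketched as an added example (not part of the original posts and not Atlassian's code): it builds an Active Directory filter string that limits the sync to members of chosen groups, escaping each DN per RFC 4515. The group DNs are constructed placeholders, and the base person clause and function names are assumptions.

```python
# Added example: builds an AD user filter string for a Jira LDAP directory.
# Group DNs are constructed placeholders, not values from the thread.

# Assumed base clause selecting person objects that have a logon name.
BASE = "(objectCategory=Person)(sAMAccountName=*)"
# AD bitwise-AND matching rule; userAccountControl bit 2 = account disabled.
NOT_DISABLED = "(!(userAccountControl:1.2.840.113556.1.4.803:=2))"
# AD "in chain" matching rule: also matches membership via nested groups.
IN_CHAIN = ":1.2.840.113556.1.4.1941:"


def escape_filter_value(value):
    """Escape an assertion value per RFC 4515 so it cannot change the filter."""
    return "".join(
        "\\%02x" % ord(ch) if ch in "\\*()\x00" else ch for ch in value
    )


def build_user_filter(group_dns, nested=False, exclude_disabled=True):
    """Return a filter matching only members of at least one given group."""
    if not group_dns:
        # Without a memberOf clause the filter would sync every person.
        raise ValueError("at least one group DN is required")
    attr = "memberOf" + (IN_CHAIN if nested else "")
    clauses = ["(%s=%s)" % (attr, escape_filter_value(dn)) for dn in group_dns]
    members = clauses[0] if len(clauses) == 1 else "(|%s)" % "".join(clauses)
    tail = NOT_DISABLED if exclude_disabled else ""
    return "(&%s%s%s)" % (BASE, members, tail)


if __name__ == "__main__":
    print(build_user_filter(["CN=jira-licensed,OU=Groups,DC=example,DC=com"]))
    print(build_user_filter(
        ["CN=Jira (Licensed),OU=Groups,DC=example,DC=com",
         "CN=jira-admins,OU=Groups,DC=example,DC=com"], nested=True))
```

Plain `memberOf` matches direct membership only; `nested=True` switches to the in-chain rule, which is heavier on the domain controller, so test the resulting filter with an AD admin before saving it in the connector.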