User deactivation on Data Center

Dick
Community Champion
February 24, 2025

Hi dear Community,

I'm flummoxed. We're running Jira Data Center 9.12.11. We have about 30 accounts that have never logged in, are removed from our LDAP synchronization (from Active Directory), yet still count as active license users.

The Atlassian Help page is referring to the ... menu behind the user having an "edit" function. I'm sad to say that such a menu is not available to me (Jira admin privileges).

Also, others seem to have difficulty with this. The answers given there also mention the edit button that's not to be found on my instance.

So how am I deactivating these users?

Kind regards,

Dick

2 answers

0 votes
Dick
Community Champion
February 24, 2025

Normally, a user sync does inactivate the users that were excluded from these special groups we use in the Active Directory. 

The never-logged-in users should've been deactivated (I painstakingly went through all the nested groups and constructed a PowerShell script that would gather the persons in all referred groups).

I'm wondering which mechanism in Jira is keeping them from deactivating properly. Moreover, if it is something I can influence/amend. 

Kind regards,

Dick

0 votes
Radek Dostál
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
February 24, 2025

Due to group membership. You'd need to remove them from groups granting application access.

 

Ideally, the user sync should inactivate them, but that depends on your particular setup. You can't edit users that are "managed by external directory". You'd have to disable the user details sync from the directory, then deactivate them, then re-enable the user details sync again.

Either way if you remove their group memberships they won't be able to login, or, they will only be able to access JSM portals if you have JSM installed.

 

In most cases, user sync won't remove users from local groups - which is what those groups that give application access are (unless you reconfigured it to use dynamic groups, rather than use the jira-software-users and such that come out of box).

Dick
Community Champion
February 25, 2025

This behavior is weird:

  • Checking with the user, he had no permission to enter Jira. 
  • User has a "never logged in" status when looking him up.
  • I provide access by placing him in a correct Active Directory group
  • User has access and logs in for me 1 time
  • User has 1 login count with the correct date.
  • I remove access by removing him from the aforementioned AD group
  • User has no access anymore
  • User doesn't get an [X] denomination as to being inactive, is counted as a licensee.

What am I missing here?

Dick

 

 

Radek Dostál
Rising Star
February 25, 2025

But if the user has no access, and is not in any application access groups, then he doesn't count towards the license.

As to why he doesn't get tagged with [X], I assume because he's still in AD, therefore there's no reason for the sync to rename the user or do anything with him.

Dick
Community Champion
February 25, 2025

My problem is that this user is counted as having a license (and thirty others as well). 
I do not have control over this, which creeps me out a bit.

Kind regards,

Dick

Radek Dostál
Rising Star
February 25, 2025

No application access groups = no license.
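
As an added illustration of the rule stated in the replies above (not code from any poster or from Atlassian): a reconciliation over exported data that lists active accounts still holding a seat through an application access group although the AD export no longer entitles them. All data is constructed; the group `AD-Jira-Access`, the usernames and the data shapes are assumptions.

```python
# Constructed sample data; shapes and most names are assumptions for illustration.
# Groups that grant application access (i.e. consume a license seat).
APP_ACCESS_GROUPS = {"jira-software-users", "jira-administrators"}

# group name -> whether it is a local (internal directory) group, and its members.
# Per the thread, user sync usually does not remove members from local groups.
GROUPS = {
    "jira-software-users": {"local": True, "members": {"alice", "bob", "carol", "dave"}},
    "jira-administrators": {"local": True, "members": {"alice"}},
    "AD-Jira-Access": {"local": False, "members": {"alice", "bob"}},  # hypothetical AD group
}

# username -> (active flag, login count)
USERS = {
    "alice": (True, 412),
    "bob": (True, 37),
    "carol": (True, 0),   # never logged in, no longer entitled in AD
    "dave": (True, 1),    # logged in once, then removed from the AD group
    "erin": (False, 9),   # already inactive, holds no seat
}

# Accounts the AD-side export says should have access.
AD_ENTITLED = {"alice", "bob"}


def seat_groups(user):
    """Application access groups the user is still a member of."""
    return sorted(g for g in APP_ACCESS_GROUPS
                  if user in GROUPS.get(g, {}).get("members", set()))


def licensed_users():
    """Active users in at least one application access group."""
    return {u for u, (active, _) in USERS.items() if active and seat_groups(u)}


def stale_seats():
    """Licensed users missing from the AD export, with the groups holding the seat."""
    report = {}
    for user in sorted(licensed_users() - AD_ENTITLED):
        groups = seat_groups(user)
        report[user] = {
            "login_count": USERS[user][1],
            "remove_from": groups,
            "local_groups": [g for g in groups if GROUPS[g]["local"]],
        }
    return report


if __name__ == "__main__":
    for user, info in stale_seats().items():
        print(user, info)
```
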

DEPLOYMENT TYPE
SERVER
VERSION
9.12.11