Hi guys,

I've never been able to figure this one out. Let's say I have a user directory in crowd that has 700 users. A group in that directory has 10 users.

Okay -- now I have 2 Jira instances, one with a 500 user limit, the other with 2000. I don't care (in fact I want) all 700 to be in the 2000 user jira. But I want only the 10 users from this particular group in the directory to apply to the other Jira. With me so far?

Right -- so in Crowd, for the application where I only want 10 users, I add the directory, mark all users can authenticate as false, and specify the group with the 10 users I want.

The use case here is for a handful of users to have internal access rights, but everyone to have external access rights. (We acquired a company, and are absorbing them into our environment).

Unfortunately, when I sync my internal Jira instance (the 500 user one) -- it pulls in all users towards my license, exceeding my limit. It's pretty much saying to me -- "Yeah, I don't care that you specified that you don't want everyone to authenticate -- I am adding them all. Enjoy!"

-- these users are local, not ldap

Is there a way to accomplish this? Seems to me I should be able to dictate which users can authenticate to my applications, regardless of directory.

Anyway -- there you go. Frustrating situation. I know I could create the users in a separate group or directory, but I don't feel like I should have to. That's wasted replication of effort. ;)