問題

If Confluence is integrated with LDAP and users from LDAP have been associated with Confluence internal groups, users cannot be removed from groups if the orignal LDAP user has been deleted.

atlassian-confluence.log に次のエラーが返される。

java.lang.IllegalArgumentException: User unknown: [null] in [hibernateRepository]
	at com.atlassian.user.impl.hibernate.HibernateGroupManager.validateGroupAndUser(HibernateGroupManager.java:364)
	at com.atlassian.user.impl.hibernate.HibernateGroupManager.removeMembership(HibernateGroupManager.java:386)
	at com.atlassian.user.impl.cache.CachingGroupManager.removeMembership(CachingGroupManager.java:178)
	at com.atlassian.user.impl.delegation.DelegatingGroupManager.removeMembership(DelegatingGroupManager.java:234)
	at bucket.user.DefaultUserAccessor.removeMembership(DefaultUserAccessor.java:529)
	at com.atlassian.confluence.user.DefaultUserAccessor.removeMembership(DefaultUserAccessor.java:98)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

原因

In order for Confluence to remove a group, it tries to access the user record of the user. This causes an error, as the user no longer exists. The most common reason for the above case is if a previous employee is no longer with the company, and their LDAP record gets removed from LDAP without first removing them from all Confluence groups.

回避策

Add a user with the same username as the deleted ldap user. You can do this by going to Confluence Admin> Manage Users. You can then disable login by ensuring that this new user belongs to no groups and does not have an entry in the Global Permissions.

ソリューション

This problem was resolved in Confluence 3.5 as per CONF-14104.