Unable to remove local groups from Confluence which contain deleted LDAP users

お困りですか?

アトラシアン コミュニティをご利用ください。

コミュニティに質問

プラットフォームについて: Server と Data Center のみ - この記事は、サーバーおよびデータセンター プラットフォームのアトラシアン製品にのみ適用されます。

問題

If Confluence is integrated with LDAP and users from LDAP have been associated with Confluence internal groups, users cannot be removed from groups if the orignal LDAP user has been deleted.

atlassian-confluence.log に次のエラーが返される。

java.lang.IllegalArgumentException: User unknown: [null] in [hibernateRepository]
	at com.atlassian.user.impl.hibernate.HibernateGroupManager.validateGroupAndUser(HibernateGroupManager.java:364)
	at com.atlassian.user.impl.hibernate.HibernateGroupManager.removeMembership(HibernateGroupManager.java:386)
	at com.atlassian.user.impl.cache.CachingGroupManager.removeMembership(CachingGroupManager.java:178)
	at com.atlassian.user.impl.delegation.DelegatingGroupManager.removeMembership(DelegatingGroupManager.java:234)
	at bucket.user.DefaultUserAccessor.removeMembership(DefaultUserAccessor.java:529)
	at com.atlassian.confluence.user.DefaultUserAccessor.removeMembership(DefaultUserAccessor.java:98)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

原因

In order for Confluence to remove a group, it tries to access the user record of the user. This causes an error, as the user no longer exists. The most common reason for the above case is if a previous employee is no longer with the company, and their LDAP record gets removed from LDAP without first removing them from all Confluence groups.

回避策

Add a user with the same username as the deleted ldap user. You can do this by going to Confluence Admin> Manage Users. You can then disable login by ensuring that this new user belongs to no groups and does not have an entry in the Global Permissions.

ソリューション

This problem was resolved in Confluence 3.5 as per CONF-14104.

Last modified on Mar 30, 2016

この内容はお役に立ちましたか?

はい
いいえ
この記事についてのフィードバックを送信する
Powered by Confluence and Scroll Viewport.