Unable to remove local groups from Confluence which contain deleted LDAP users


アトラシアン コミュニティをご利用ください。


プラットフォームについて: サーバーと Data Center のみ。この記事は、サーバーおよび Data Center プラットフォームのアトラシアン製品にのみ適用されます。


If Confluence is integrated with LDAP and users from LDAP have been associated with Confluence internal groups, users cannot be removed from groups if the orignal LDAP user has been deleted.

atlassian-confluence.log に次のエラーが返される。

java.lang.IllegalArgumentException: User unknown: [null] in [hibernateRepository]
	at com.atlassian.user.impl.hibernate.HibernateGroupManager.validateGroupAndUser(HibernateGroupManager.java:364)
	at com.atlassian.user.impl.hibernate.HibernateGroupManager.removeMembership(HibernateGroupManager.java:386)
	at com.atlassian.user.impl.cache.CachingGroupManager.removeMembership(CachingGroupManager.java:178)
	at com.atlassian.user.impl.delegation.DelegatingGroupManager.removeMembership(DelegatingGroupManager.java:234)
	at bucket.user.DefaultUserAccessor.removeMembership(DefaultUserAccessor.java:529)
	at com.atlassian.confluence.user.DefaultUserAccessor.removeMembership(DefaultUserAccessor.java:98)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)


In order for Confluence to remove a group, it tries to access the user record of the user. This causes an error, as the user no longer exists. The most common reason for the above case is if a previous employee is no longer with the company, and their LDAP record gets removed from LDAP without first removing them from all Confluence groups.


Add a user with the same username as the deleted ldap user. You can do this by going to Confluence Admin> Manage Users. You can then disable login by ensuring that this new user belongs to no groups and does not have an entry in the Global Permissions.


This problem was resolved in Confluence 3.5 as per CONF-14104.

Last modified on Mar 30, 2016


Powered by Confluence and Scroll Viewport.