Domain Users group from AD is imported by Confluence but its members are not imported
Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.
Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Symptoms
Domain Users memberships are not being recognised by Confluence.
Diagnosis
This is a expected behaviour related to this Improvement Request:
Workaround
Usually the reason customers want the Domain Users membership to be used is to grant access to Confluence to all users from Active Directory.
This being said, so users can access Confluence, they need to be inside the confluence-users group.
When creating a new User Directory, there's an option that allows you to automatically insert users in confluence-users group.
When using Connector Authentication you need to choose Read Only with Local Groups so a field will appear:
Default Group Memberships: confluence-users
This will basically make the AD users, members of the confluence-users group and so, everyone will be able to access Confluence.
PS: If you want to avoid all users to have access to Confluence, you may create an LDAP Filter
Setting your LDAP connection with Confluence as Connector: https://confluence.atlassian.com/display/DOC/Connecting+to+an+LDAP+Directory
Setting your LDAP connection with Confluence as Delegated: https://confluence.atlassian.com/display/DOC/Connecting+to+an+Internal+Directory+with+LDAP+Authenticatio
Was this helpful?