Disabling user in delegated Active Directory doesn't disable them in Confluence until they log in

Type atlassian
Reporter fsim
Modified 2017-02-17T04:31:44


h3.Steps to Reproduce

Create a delegated directory, hooked to Active Directory

Login with an AD user, with the "Remember Me" option checked

Close the browser completely

Disable the user in AD (by checking the "Account is disabled" option in {{User Properties >> Account >> Account Options}} )

Launch the browser again, and navigate to Confluence. Notice that you are still logged in as the disabled user.

The SUCCESSDATE in the logininfo table for this user is updated to the time when step #5 is executed

In a delegated directory, the user will only be locked out from Confluence once the user logs out, and log back in

In a connector directory, a directory sync will automatically lock the user out from Confluence