Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Can not modify group membership failed

Richard Scorgie
Richard Scorgie November 15, 2011

I'm experiencing some strange behaviour when trying to use the AD connection.

In the user directories page i see the following error message just below the sync button.

Last synchronised at 11/15/11 5:56 PM (took 22s). "

Synchronisation failed. See server logs for details."

However i can find the users when i search for users i the manage users page. But when i try to add a user to a group i get the following error:

"The following error(s) occurred:
cannot.modify.group.membership.failed"

Anyone have any ideas? I've looked at the catalina.out log file but i cant find any errors there. Which other log files are there where i can see details about this error?

Answer
Watch
Like Be the first to like this
1247 views

1 answer

1 accepted

0 votes
Answer accepted
Sander Brienen [Avisi]
Sander Brienen [Avisi]
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
November 15, 2011

In your User Directory config for AD, did you set your LDAP permissions to read/write? If the permissions are set to read-only, you cannot add users to a group from within Confluence.

Also another tip: If your confluence users are not in the group named confluence-users in AD and you do not want to configure each space individually to add the correct AD group for users to have access, use the option "Read Only, with Local Groups". This will move any user, logging in into Confluence, to be copied automatically to confluence-users in de Confluence internal directory. This is especially handy when you want to create a new space and not add your AD group to every space.

View More Comments
Richard Scorgie
Richard Scorgie November 15, 2011

Thanks for the help.

If I understand this correctly then if I set up the LDAP Permissions in COnfluence to Read Only with Local Groups, and add 'confluence-users' to the Default Group Memberships Field then users will automatically be added to that group.

Like
Sander Brienen [Avisi]
Sander Brienen [Avisi]
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
November 20, 2011

Yes. On first login, the user info is copied from AD to the Confluence User Directory. See it as a local cache. The default group membership indicates to what group this user is copied.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.