Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Renamed users after switching user directories in Crowd and lost access to pages in Confluence

Petr Vaníček
Petr Vaníček
Contributor
March 15, 2018

Hello,

in last few months we start working on using AD in our Crowd as primary directory. 

But one thing wasn't easy - it was our user base in Atlassian apps, because approx. 25 percent of our users has as username non-AD email (another domain).

Switching of other users with AD domain has been without any problems and it works well more than one month already.

But last week we switched also other users. 

We did it in this way:

  1. rename user in Crowd internal user directory
  2. Sync it in Jira for being sure with renaming of user
  3. Add required groups in AD and sync it with Crowd so user with same username as existing one appeared in Crowd, added same groups to this AD user as to user in internal directory
  4. Sync with Jira and perform a tests

So we don't do all sync steps with Confluence and now we have some pages in one or more spaces where nobody have acccess and we can't recover permissions for those pages (I know it's bad practise dedicate permissions for users on pages instead of groups - it's a "monument" of previous Atlassian admin in our company). 

Is there any way how I can get all pages across all Spaces with restricted permissions? And a way how can I change restrictions on pages globally?

Thanks for your ideas or help.

Best regards

Petr

Answer
Watch
Like Be the first to like this
1216 views

1 answer

0 votes
AnnWorley
AnnWorley
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 15, 2018

Hi Petr,

Thanks for the background and details of your question. I am not sure whether you are facing page restriction, space permission or global permission issues. The approaches to viewing and changing these are different. Please see Permissions and restrictions and then circle back and let us know which type of access we can help with.

Just to reassure you, admins can access all pages whether they are restricted or not, by changing the restrictions or permissions that are limiting the access. 

On a less pleasant note, there isn't a way to view all page restrictions for an entire instance in one place. Page restrictions can be viewed at the space level: 

Space Admin and System Administrator access to restricted pages
Users with 'Admin' permissions in a space, or users with the System Administrator global permission can remove restrictions from pages, even if the page restriction prevents them from viewing the page. Go to Space Administration > Restricted Pages.

Space permissions can be viewed globally: Manage and recover space admin permissions

To recover Space Admin permissions:

Go to > General Configuration > Space Permissions.

Locate the space in the Individual Spaces list and choose Recover Permissions.
You can then choose Manage Permissions, and add any other appropriate permissions to the space. Requests to recover permissions are recorded in the Confluence audit log.

Thanks,

Ann

View More Comments
Petr Vaníček
Petr Vaníček
Contributor
March 16, 2018

I mean page restrictions.

I found only one solution for this and it's export Space and import it to Demo instance. There I can delete restrictions (on the production not, it show me "You don't have access on this page" or something similar). Then I can make export on Demo, delete original on Production and import it on Production.

Like
AnnWorley
AnnWorley
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 16, 2018

Hi Petr,

Page restrictions should be changeable by space admins and system administrators in the browser without exporting the space: Page restrictions 


Users with 'Admin' permissions in a space, or users with the System Administrator global permission can remove restrictions from pages, even if the page restriction prevents them from viewing the page.

If you are getting an error message when you go to Space Tools > Restricted Pages it is likely you need Space Admin permission at the space level or System Administrator global permission.

Thanks,

Ann

Like
Petr Vaníček
Petr Vaníček
Contributor
March 27, 2018

Sorry for late reply.

Of course I'm a System Administrator and our System Administrator group is also as Space admins.

But now I stuck with "my solution" with one large Space. I export it from PROD, then import it to DEMO and delete all restrictions in Restricted Pages. The I export it again from this environment and import it to PROD.

But now I'm Space Admin (and System Administrator) and Restricted Pages part of Space administration is now empty. But I still can't access pages and Space Homepage. When I click on Request Access button then it show me this below.

"
Access request unsuccessful
Your request for access has not been sent. Contact your space admin.
" 

But very interesting this is I can search whole content by searching in Confluence, with excerpts of pages but without access to pages.
I'm working with Confluence for 3 years but it's for first time when I stuck with something like this.

Do you have any idea, please?

Thanks 

Like
AnnWorley
AnnWorley
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 27, 2018

Hi Petr,

A space admin should be able to view and change any page restrictions in the space. To rule out inherited permission caching as the issue, please try: Rebuilding the Ancestor Table

Note: This process takes about ten minutes for an average size site, and you may not be able to save new content during this time. We recommend you take a full backup of your database and complete this process during a maintenance window.

Thanks,

Ann

Like
Petr Vaníček
Petr Vaníček
Contributor
March 28, 2018

Hi Ann,

Unfortunately I can't change nothing. There are not any restrictions or permissions which can affect my access into pages in Space. I delete all restricted permissions in Restricted pages in Demo environment and imported it on PROD. And after rebuilding of ancestor table it's still same (it's take around 5 seconds only).

Do you have any other idea, please? Fortunately it's little bit older and not so much used Space, so if we will not solve this we can use this Space on Demo instance where it is working. So it's nothing critical, but...

Maybe can be there some problem related to Data Center edition when Demo is Server and on Server is it working correctly? It's look really strange when I can search content of pages in Space, but not access it.

Thanks
Petr

Like
AnnWorley
AnnWorley
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 28, 2018

Hi Petr,

I understand the issue persisted after rebuilding the ancestor table, and that the source (demo instance) of the space import was standalone and the destination was Data Center edition.

So that we can take a closer look, I opened a support request on your behalf. Please mention me in this thread if you don't get the email from our portal shortly.

Thanks,

Ann

Like
Santhosh Vegolam
Santhosh Vegolam August 9, 2018

Hi Ann

Good evening,

Here my query is little bit similar to above  in my confluence production version is  5.10.9 under General Configurations User directories when automatically synchronization is performed by system  in LDAP as per LDAP settings .But After some time some  particular users means like 92 users are not found or some users details with some other names updated like Kavala babu as Frank zara (or) some users trying to login showing as no user found error like that

So for this problem we  temporary fix  this as solution we are doing manual synchronization whenever daily this issue happens i seen in audit log whenever it happen like below

Example in auditlog:   3 Aug, 2018 04:30:37 System Users and groups User details updated User: xxxxxx Show more 3 Aug, 2018 04:30:37 System Users and groups User renamed User: xxxxxxx Show more   Thanks   

 

please provide the solution for this issue to fix permanently 

 

Thanks

santhosh

Like
Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.