Issues faced by Organisation Admins while Managing Gsuite Users
When you connect to G Suite, you sync your G Suite domains and the users under these domains to your Atlassian organization, giving you the power to manage all users from the G Suite admin console
All the account related operations like changing email of users, Activation and Deactivation of the users will be done on the IDP (Gsuite) and the same will get reflected on Atlassian during the next Gsync
Scope of Gsuite Today:
- Syncs the domains claimed in Gsuite (Domain claim)
- Syncs the users in the selected Google group(s) to Atlassian Site (user provisioning)
- Deletes the use from the site if the user is deleted in Gsuite (user de-provisioning)
- Enforces “Login with Google” for users in the claimed domain (SSO)
However, there are situations when the User Updates do not happen smoothly. This page covers some of these scenarios that will help you troubleshoot Gsuite User Issues.
- Unable to Create a Gsuite user:
Creating the user on Gsuite and pushing it in one of the groups that are syncing with Atlassian, should provision the user.
However, if an old Deactivated account with the same email address exists in Atlassian's Database and a Google id associated with it. The new user we are trying to push from Gsuite has a Different Google attribute, the account push from Gsuite will fail.
In order to fix this account, we need to:
1. Remove the user from Synced groups in Gsuite
2. Delete the account Associated with email (Contact Atlassian Support for this)
3. Re-add the user to the Gsuite synced groups on Atlassian.
4. A new account will be created for user on Atlassian end.
2. User Deactivated on Gsuite does not get Deactivated on Atlassian.
Check if the Gsuite is connection hes been done at Site level or at Org level
Navigate to G Suite at admin.atlassian.com.
If you’re an organization admin, select your organization name and go to Directory > G Suite in the left navigation.
If you’re a site admin, select your site name and go to G Suite in the left navigation.
When Gsuite is connected on Site level, Deactivating/Deleting an Account on Gsuite will remove the user’s product access but the account will show up as active on the Org.
If the Admin wishes to Manage Activation/Deactivation of Accounts via Gsuite, the Admin has to configure Gsuite at Org level.
When Gsuite is connected at the Org level, Deactivating/ Deleting an account in Gsuite will Deactivate the user’s account on the org.