LDAP - Jira - You cannot move the directory without losing your system admin privileges.
Platform Notice: Data Center - This article applies to Atlassian products on the Data Center platform.
Note that this knowledge base article was created for the Data Center version of the product. Data Center knowledge base articles for non-Data Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Problem
After setting up the external directory-LDAP, user is unable to re-order the Directories with below error:
Environment
Jira Data Center
Cause
Current user has it's own username both on internal and LDAP, but current user is an administrator on Jira internal directory, but it does not have administrator permission on LDAP.
Note that if the user name is only available on Jira internal directory and not available in LDAP there won't be any issue as it checks the first Order(LDAP) and can't find the user name so it checks the second order(Internal Directory) and matches the credentials.
Resolution
One way to address this issue is to login as an admin user in the Jira Internal Directory to make this change. Otherwise, you can perform one of the following:
- Create an Administrator group on LDAP and give this group Administrator permission on the Jira Global Permissions
or
- If user belongs to a group on LDAP you can grant that group administrator permission on Jira