| Info |
|---|
If any external user directory such as LDAP is configured in Atlassian application, the behaviour of SAML/OAuth/OpenID SSO will change according to the user directory permission. |
...
Read Only directory
Read Only with Local Groups
Read/Write
Read Only
...
User Creation:
New users won't be created during SSOUser creation part will be handled by the external directory (AD/LDAP), miniOrange addOn will read synced users and take care of their authentication. If any new user tries to perform SSO, this error message will be shown to the user: "We couldn't sign you in. Please contact Administrator"
User Profiles Mapping:
The profile of users won't be updatedProfile Management and updating attributes will be handled in the external directory.
It is recommended to check the Disable Attribute Mapping option in the User Profile tab.
User Group Mapping:
The groups of users will not be updatedbe handled in the external directory.
It is recommended to check Disable Group Mapping option in the User Group tab
Default Groups:
The default groups won't be assigned to any userIt is recommended to change Assign Default Groups To settings to None
Read Only With Local Groups
...
If you are looking for a different kind of behaviour for any User Directory Permission, please contact us or reach out using the customer portal.
...