Missing some users when syncing Confluence with Active Directory
Platform Notice: Data Center - This article applies to Atlassian products on the Data Center platform.
Note that this knowledge base article was created for the Data Center version of the product. Data Center knowledge base articles for non-Data Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Summary
Users are synced into Confluence via Active Directory. However, some users seem to be missing or are not synced to Confluence.
Environment
Any Confluence version
Supported Active Directory
Diagnosis
- Confirm that the user is valid and active in Active Directory.
- Confirm that all other users/accounts of that group appear to be present in Confluence.
- Check the LDAP user filter configured in your Confluence Active Directory setup. For example, if it is configured as:
(&(objectCategory=Person)(sAMAccountName=*)(|(memberOf=CN=Apps_Confl_Users,OU=ExampleGroups,DC=example,DC=com)(memberOf=CN=Apps_Confl_Admins,OU=ExampleGroups,DC=example,DC=com)(memberOf=CN=Apps_CONFL_SrvcAccounts,OU=ExampleGroups,DC=example,DC=com)))
Confluence will pull in users that are memberOf CN=Apps_Confl_Users,OU=ExampleGroups,DC=example,DC=com OR CN=Apps_Confl_Admins,OU=ExampleGroups,DC=example,DC=com OR CN=Apps_CONFL_SrvcAccounts,OU=ExampleGroups,DC=example,DC=com.
So, the user in question needs to be a member of at least one of the above groups to be synced into Confluence.
To check this, create an LDIF export from Active Directory for the user account in question. This LDIF file will contain a list of entries the user is a member of. Verify that the user belongs to one of the CNs configured in Confluence's Active Directory setup.
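As an added example (not part of the original article and not Atlassian tooling), the following Python script performs the check described above: it extracts the group DNs from the memberOf clauses of the user filter and compares them with the memberOf values in a user's LDIF export. The sample LDIF, the user Jane Doe and the function names are constructed for illustration, and the script assumes the group DNs contain no escaped characters.

```python
import base64
import re

# LDAP user filter copied from the article.
USER_FILTER = ("(&(objectCategory=Person)(sAMAccountName=*)(|"
    "(memberOf=CN=Apps_Confl_Users,OU=ExampleGroups,DC=example,DC=com)"
    "(memberOf=CN=Apps_Confl_Admins,OU=ExampleGroups,DC=example,DC=com)"
    "(memberOf=CN=Apps_CONFL_SrvcAccounts,OU=ExampleGroups,DC=example,DC=com)))")

# Constructed LDIF export for a hypothetical user; the second memberOf value
# is folded onto a continuation line, as LDIF exporters do with long lines.
SAMPLE_LDIF = """\
dn: CN=Jane Doe,OU=Staff,DC=example,DC=com
sAMAccountName: jdoe
memberOf: CN=VPN_Users,OU=ExampleGroups,DC=example,DC=com
memberOf: cn=apps_confl_users,OU=ExampleGroups,
 DC=example,DC=com
"""

def filter_groups(ldap_filter):
    """Group DNs named in the filter's (memberOf=...) clauses."""
    return re.findall(r"\(memberOf=([^()]+)\)", ldap_filter, flags=re.I)

def ldif_member_of(ldif_text):
    """memberOf values of an LDIF entry (unfolds lines, decodes base64)."""
    unfolded = re.sub(r"\r?\n ", "", ldif_text)  # newline + one space = continuation
    values = []
    for line in unfolded.splitlines():
        m = re.match(r"memberOf(::?)\s*(.*)", line, flags=re.I)
        if m:
            raw = m.group(2).strip()
            # "memberOf::" marks a base64-encoded value (e.g. non-ASCII DNs)
            values.append(base64.b64decode(raw).decode("utf-8") if m.group(1) == "::" else raw)
    return values

def normalize(dn):
    """Compare DNs case-insensitively and ignore spaces around commas."""
    return re.sub(r"\s*,\s*", ",", dn.strip().lower())

def matched_groups(ldap_filter, ldif_text):
    """Filter groups the exported user belongs to; empty means the filter excludes the user."""
    member = {normalize(dn) for dn in ldif_member_of(ldif_text)}
    return [g for g in filter_groups(ldap_filter) if normalize(g) in member]

if __name__ == "__main__":
    hits = matched_groups(USER_FILTER, SAMPLE_LDIF)
    print("matches filter via:", hits or "no group (user will not be synced)")
```

Replace USER_FILTER with the filter from your own directory configuration and pass the text of the real LDIF export in place of SAMPLE_LDIF.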
Cause
The user in question does not belong to any of the groups named in the LDAP user object filter configured in Confluence.
Solution
Add the user in question to one of the groups from the LDAP user filter on the LDAP side. Once this is done, sync the directory in Confluence and confirm that the user can now be seen.