Username truncates at 20 characters when using AD
Platform Notice: Data Center and Cloud By Request - This article was written for the Atlassian data center platform but may also be useful for Atlassian Cloud customers. If completing instructions in this article would help you, please contact Atlassian Support and mention it.
Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Problem
Crowd, configured to sync with Microsoft Active Directory, truncates the username to 20 characters. This issue affects both Crowd and any applications with embedded Crowd (Jira, Confluence, etc).
Diagnosis
Environment
- Microsoft Active Directory
Cause
Crowd is configured to sync sAMAccountName for usernames. This is a feature of Active Directory; the sAMAccountName attribute can store only 20 characters to provide backward compatibility with pre-2000 Windows Server login names.
Workaround
Configure Crowd to use a different attribute, for example CN, for usernames. The CN attribute up to 64 characters, versus the 20 allowed in the sAMAccountName.
Be aware that this configuration change will affect all users in your AD. It is advised to try this change on a staging environment before applying it to production.