...
There are users from user directories that are configured as Internal with LDAP Authentication (also known as "delegated directories") and
the option "Update User attributes on Login" is enabled
Problem
If user profiles from such directories are updated manually (by the users themselves or by an administrator), there is an error page shown when saving the changes, containing an error similar to the following:
Code Block com.atlassian.core.exception.InfrastructureException: com.atlassian.crowd.exception.OperationNotPermittedException: com.atlassian.crowd.exception.ApplicationPermissionException: Cannot update user 'Tester.10' because directory 'Delegated LDAP Authentication' does not allow updates. at bucket.user.DefaultUserAccessor.saveUser(DefaultUserAccessor.java:192)the following error can be observed in the logs
Code Block com.atlassian.core.exception.InfrastructureException: com.atlassian.crowd.exception.OperationNotPermittedException: com.atlassian.crowd.exception.ApplicationPermissionException: Cannot update user <LOGIN_NAME> because directory 'Delegated LDAP Authentication' does not allow updates. at bucket.user.DefaultUserAccessor.saveUser(DefaultUserAccessor.java:208) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:333) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157) at com.atlassian.spring.interceptors.SpringProfilingInterceptor.invoke(SpringProfilingInterceptor.java:16) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) at org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:99) at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:282) at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) at com.sun.proxy.$Proxy107.saveUser(Unknown Source) at com.atlassian.confluence.user.actions.EditMyProfileAction.updateUser(EditMyProfileAction.java:155) at com.atlassian.confluence.user.actions.EditMyProfileAction.doEdit(EditMyProfileAction.java:86) at de.communardo.confluence.plugins.userprofile.userprofile.modules.EditMyProfileAction.doEdit(EditMyProfileAction.java:46) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at com.opensymphony.xwork.DefaultActionInvocation.invokeAction(DefaultActionInvocation.java:302) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:170) at com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:35) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) ...
the user data is not saved
...