Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Deactivate inactive users with Atlassian Crowd user directory

Gunta S
Gunta S April 12, 2021

I am using the same Atlassian Crowd Jira Internal Directory for Jira, Confluence and BitBucket. I have some users who only use Confluence or BitBucket, but don't use Jira. I also have a script that deactivates users that haven't been active in Jira in last 100 days, however it doesn't take in account the activity in Confluence and BitBucket, and once the user is deactivated in Jira, the directory syncs up and the user no longer has access to BitBucket and Confluence as well. 

Is there a way I can check user's activity against all services before the user gets deactivated?

Answer
Watch
Like Be the first to like this
1222 views

1 answer

0 votes
Brant Schroeder
Brant Schroeder
Community Champion
April 14, 2021

@Gunta S 

I would update your script to look at when the last time someone authenticated into crowd.  You can get the last authenticated date in the Crowd DB.

Here is the DB Scheme - https://developer.atlassian.com/server/crowd/database-schema-and-example-sql-for-crowd/#DatabaseSchemaandExampleSQLforCrowd-ExampleSQLQueries

You will want the lastAuthenticated from the user attribute.  

SELECT cwd_user.user_name, from_unixtime(cwd_user_attribute.attribute_value/1000) FROM cwd_user, cwd_user_attribute WHERE cwd_user_attribute.user_id = cwd_user.id AND cwd_user_attribute.attribute_name = 'lastAuthenticated';
View More Comments
Gunta S
Gunta S June 3, 2021

Hi @Brant Schroeder 

That's a good idea, but I'm still quite stuck on this. Is there a way I can adjust my user deactivation groovy script with this? 

 

package jobs

import com.atlassian.crowd.embedded.api.CrowdService
import com.atlassian.crowd.embedded.api.UserWithAttributes
import com.atlassian.crowd.embedded.impl.ImmutableUser
import com.atlassian.jira.bc.user.UserService
import com.atlassian.jira.component.ComponentAccessor
import com.atlassian.jira.user.ApplicationUser
import com.atlassian.jira.user.ApplicationUsers
import com.atlassian.jira.user.util.UserUtil


def userWithRigths = ComponentAccessor.getUserManager().getUserByKey("admin_service")
int numOfDays = 100 // Number of days the user was not logged in
Date dateLimit = (new Date())- numOfDays
UserUtil userUtil = ComponentAccessor.userUtil
CrowdService crowdService = ComponentAccessor.crowdService
UserService userService = ComponentAccessor.getComponent(UserService)
ApplicationUser updateUser
UserService.UpdateUserValidationResult updateUserValidationResult
long count = 0
//Here I assume you already have the ComponentAccessor imported
def jiraAuthenticationContext = ComponentAccessor.jiraAuthenticationContext

log.warn("Now iterating...")
try {
jiraAuthenticationContext.setLoggedInUser(userWithRigths)
userUtil.getUsers().findAll{it.isActive()}.each {
UserWithAttributes user = crowdService.getUserWithAttributes(it.getName())
String lastLoginMillis = user.getValue('login.lastLoginMillis')
if (lastLoginMillis?.isNumber()) {
Date d = new Date(Long.parseLong(lastLoginMillis))
if (d.before(dateLimit)) {
updateUser = ApplicationUsers.from(ImmutableUser.newUser(user).active(false).toUser())
updateUserValidationResult = userService.validateUpdateUser(updateUser)
if (updateUserValidationResult.isValid()) {
userService.updateUser(updateUserValidationResult)
log.warn "Deactivated ${updateUser.name}"
count++
} else {
log.warn("The update has failed!")
log.warn "Update of ${user.name} failed: ${updateUserValidationResult.getErrorCollection()}"
log.warn(updateUserValidationResult.warningCollection.getWarnings())
}
}
}
}
}
catch (any) {
log.warn ("Could not perform action as user ${userWithRigths}", any)
}
finally {
jiraAuthenticationContext.clearLoggedInUser()
}
log.warn("${count} users deactivated.\n")

Like
Brant Schroeder
Brant Schroeder
Community Champion
June 3, 2021

@Gunta S to use it in the groovy script you would need to connect to the DB, run the query, loop through the results to deactivate the users.

Like
Sue Webber - Personal
Sue Webber - Personal
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
June 22, 2023

Hi Brant
Could you assist me with a script to return a list of usernames and their last login dates we use Crowd.

Like
Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security