Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Lock out users during maintenance

zuehlke_operations
zuehlke_operations December 17, 2015

Currently we have JIRA 6.3, Stash 3.6 and Confluence 5.7 hosted on our infrastructure and attached them to our active directory.

During recurring maintenance activities (e.g. the one we have planned now to upgrade to JIRA Software, Bitbucket 4 and Confluence 5.9) we'd like to be able to prevent all users from login in or performing any actions/checkins - except for system administrators (they of course need to be able to do whatever they need).

Our first try was removing the jira-users/stash-users/confluence-users group from the Global Permissions, so they don't have the rights to login.

However, during the application's upgrade process on our test instance we noticed that the groups are added again automatically to the corresponding permissions during upgrade installation. So after upgrade has finished the users would automatically be able to login again. But this is not what we want, because after the upgrade installation we still want to be able to perform further maintenance and tests before allowing the users to login again.

Is there any maintenance mode that can be enabled or something similar? Or how do you prevent your users from login in?

Answer
Watch
Like # people like this
3388 views

4 answers

3 votes
Phill Fox
Phill Fox
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
December 17, 2015

Hi

If your installations are behind a proxy server then you can change the mapping to point at a maintenance page there but provide a different url/port for the system administrators to access.

If not behind a proxy then there is a similar method which requires you to edit the port on which you currently host.  See https://confluence.atlassian.com/jira/changing-jira-s-tcp-ports-135949.html for JIRA and https://confluence.atlassian.com/bitbucketserver/changing-the-port-that-bitbucket-server-listens-on-776640049.html for Bitbucket. Your system administrators can then continue to access on the new port until all maintenance is complete at which point you would revert to your normal port.

 

Hope this helps

Phill

Reply
0 votes
Steven F Behnke
Steven F Behnke
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
December 17, 2015

You need to handle this from a System Administrator perspective rather than from the application side. There's a million ways to control access and provide a nice system down screen with any webserver you may be fronting your applications with. If you aren't fronting the apps, then you should try approaching this from the Tomcat side. Most of the time I front my applications with a webserver, which gives me this control in multitudes. 

Reply
0 votes
Chander Inguva
Chander Inguva
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
December 17, 2015
  • You can change the ports and reset it to correct one after the Upgrades

 

Reply
0 votes
Johannes Kilian
Johannes Kilian
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
December 17, 2015

There should be a way to lock/unlock the Bitbucket server in the way you requested:

https://confluence.atlassian.com/bitbucketserver/using-bitbucket-server-diy-backup-776640056.html - Sections: Lock the Bitbucket Server instance /Unlock the Bitbucket Server instance

As I'm only using Bitbucket - I cannot say anything about confluence of JIRA ...

Haven't tested it - so cannot help any further ....

View More Comments
Johannes Kilian
Johannes Kilian
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
December 17, 2015

It's only possible to lock the complete bitbucket server. I recently needed a possibility to lock single repositories - but this seems not to be available the easy way. See: https://answers.atlassian.com/questions/32973719/lock-single-repositories-for-maintainance-purposes

Like
zuehlke_operations
zuehlke_operations December 17, 2015

What happens if I lock the Bitbucket instance via REST API? - Can an Administrator still log in? - Is the lock kept during/after I perform a Bitbucket application upgrade? Or is it reset automatically during upgrade installation?

Like
Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
TAGS
AUG Leaders

Atlassian Community Events

    See all events