Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Best Practice: Changing User Directory and merging users

Fiederling
Fiederling February 21, 2016

We would like to switch from an Apple Open Directory LDAP to a Microsoft Active Directory. On the new Active Directory some usernames will change and and some usernames will not change. 

On Apple Open Directory we configured "Read Only, with Local Groups" (Users, groups and memberships are retrieved from your LDAP server and cannot be modified in Confluence. Users from LDAP can be added to groups maintained in Confluence's internal directory.)

Unfortunately I couldn't find any informations how users can be merged, so that their own preferences, confluence-groups, permissions, tasks, etc. will not be affected by the changes.

Can you explain the steps and best practices.

 

My idea is to disable the old ldap connection, change the usernames manually to match the new usernames and then configure the new active directory as the default user directory. Will this work? 

Answer
Watch
Like Boris Georgiev _Appfire_ likes this
562 views

2 answers

1 vote
Tim Eddelbüttel
Tim Eddelbüttel
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
February 21, 2016

Hello,

we've done similar (different LDAP User Repositores with different usernames to one) years ago with Confluence and JIRA as rename where not possible.

Because rename is now possible this is much easier than before.

I would suggest you

  1. that you write the old username in a new field within your MS AD. This new field will be your username in the LDAP field mapping (default is sAMAccountName).
  2. Shutdown you Confluene instance
  3. Go to your database (table: cwd_directory_attribute) and look for ldap.url and ldap.user.username. Change Booth to your new server and new temporary attribute
  4. Then start Confluence and wait for the directory sync and look if all content looks like before
  5. When all is fine and authentication works, you can switch back the LDAP field mapping to the default field

Migrating user directories needs some testing on a test server but it is possible. But every configuration is different and needs some testing.

Regards,
Tim 

Reply
0 votes
Fiederling
Fiederling March 31, 2016

HI Tim, 

 

Thanks for your reply. This worked perfectly. 

Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events