Confluence Converting Users in Internal Directory to AD Directory

SO I'm not sure if i'm missing somethign as I google away or if it's just not out there.

I have about 5-10 users in the internal directory that I would like to move to our AD directory.

If I jsut add them to the AD group they loose there current access levels and there posts are no longer linked with there account.

So how do I add them to the AD group and also merge the account with there interall account?

2 answers

1 accepted

Hello,
Content in Confleunce is tighly linked to the username. If the username in AD matches the username from the internal direcotry, then simply synching should against AD should assoicate the content. However, it sounds like the usernames differ (otherwise you wouldn't be making this request). In that case, the options are 1) Chaning the username in AD and 2) Chaning the username in Confluence.

Changing the username in Confluence is currently difficult and involves hacking at the DB which is not supported by Atlassian. However, the ability to change usernames in Confluence is coming soon so depending on your time table it may be worth it to wait. If not, then the following page shows how some people accomplish changing usernames in Confluence. Again, this is not support by Atlassian nor do we recommend it so please do so at your own risk.

Changing usernames in Confluence

Cheers,
Andrew

Hi,

Thank you for getting back to me so quickly.

Actually the names are the same but what I have found in testing is...

When I started another admin added me to the internal directory accidentaly. When I add myself to the correct group in AD and try to log back into Confluence I loose my groups and no longer am able to access anything in Confluence.

Am I missing something or is there a way to merge the two?

Hi Brandon,
This could be a matter of ordering the driecotries. When a user logs in, Confluence searches these direcotries in the order they appear on the user direcotry page. Once the user is found, it stops looking and moves forward with what is found.

What this means is that we will pull the info for the direcotry the user is found in. If AD is first, then we respect the username and groups found there. If the internal directory is first then we respect the username and groups found there. Both these statements assume that the exact username (caseing as well) exists in both user direcotries.

Is the caseing he same in both direcotries? Also, is AD in the first position or is the internal direcotry?

Cheers,
Andrew

AD is the first position. How can i merge the 2 accounts so I can

1) remove the internall directory
2) make sure users retain groups and posts

Thank for you help.

Hi Brandon,
Removing the internal directory is not advised as it is best to retain the internal user direcotry with at least one unique user which has Confluence administrative privleges. That way, should something happen to the AD conenction we can still access Confluence. This internal user should have a unique name that would never appear in AD (otherwise it could become shadowed).

For the content, as long as the username is identical between the interal dir and AD (casing and all) all of thier content will remain associated. For the groups, if we have 'read only with local groups' specified for the AD direcotry then when a user logs in it will copy over the groups that were associtated with the user in the internal direcotry.

Cheers,
Andrew

Ok so I just tested with a user.

We have 'read only with local groups' specified for the AD direcotry.

The user logged in and autenticated agenst AD but lost all there User group memberships in Confluence.

:S ?

Andrew any ideas as to why this is?

Hi Brendan,

Sorry for the late response, I was away from the site for a bit. I did some testing and am afraid I was mistaken before about the gorup memberships. The groups will continue to exist in the internal direcotry and the users are now in AD. However, the membership will need to be recreated. If we navigate to each user and edit their group details we can add them to the needed groups. I believe there are only 15 users so adding this manually should be quick. There is a way to migrate these memberships in bulk but adding them manually may be faster. For details on the bulk move please see the following page.

Migrate local group memberships between directories

Consdering the number of users though I think that manualy adding the users back would be easier.

Cheers,
Andrew

Hi Brendan,

Sorry for the late response, I was away from the site for a bit. I did some testing and am afraid I was mistaken before about the gorup memberships. The groups will continue to exist in the internal direcotry and the users are now in AD. However, the membership will need to be recreated. If we navigate to each user and edit their group details we can add them to the needed groups. I believe there are only 15 users so adding this manually should be quick. There is a way to migrate these memberships in bulk but adding them manually may be faster. For details on the bulk move please see the following page.

Migrate local group memberships between directories

Consdering the number of users though I think that manualy adding the users back would be easier.

Cheers,
Andrew

Suggest an answer

Log in or Sign up to answer
How to earn badges on the Atlassian Community

How to earn badges on the Atlassian Community

Badges are a great way to show off community activity, whether you’re a newbie or a Champion.

Learn more
Community showcase
Posted Jul 10, 2018 in Confluence

We want to see the templates you've created in Confluence!

Hi Community, Jessica here from the Confluence Product Marketing team!  July’s community challenge is all about sharing pictures  — and as an extension of our first post on what ...

902 views 23 12
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you