Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Is there any way to import the Confluence Users with their passwords in LDAP?

Ashma Shrestha
Ashma Shrestha March 20, 2013

I recently realized that Atlassian is using ATLASSIAN-SECURITY (Bouncy Castle Encryption) method to encode their Password which is not supported by any LDAP. The plan is to use LDAP as a centralized usesr directory and Crowd as the interface and SSO tool. Our choice was due to the fact that

- LDAP handles multiple password encryptions, which in our case is important because we are planning to import users from multple non-atlassian directories as well and we would like the password to be intact.

- Better support for extra user attributes in LDAP where as Crowd does offer it but the implementation is not fully mature or as per our need.

I would really appreciate it, if someone can provide some pointers on how this can be done.

Thank you in advance

Answer
Watch
Like Be the first to like this
428 views

1 answer

1 accepted

1 vote
Answer accepted
GuilhermeA
GuilhermeA
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
March 26, 2013

I believe that this would be a "Cannot be done". Not due LDAP or Import, but due the fact that you need to use another encryption other than Atlassian-security.

So the main ideia would be convert atlassian-sha, to something else, which then would be a "security" failure, and I believe that you might be able to reverse the encryption, but it could be very difficult.

In my humble opinion it would be too much work for something that in a high security environment would be discarded in 7 days upon request to password change.

Getting to your question, I would just import all users from Confluence to your LDAP, and force a random password, forcing your users to change their passwords on first login. This would generate a fresh pair of keys with the correct LDAP Security.

Hope this helps you. Cheers,

Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security