hoping someone has already been through this, in Confluence 5.4.4 I have two old legacy user directories with some users in each, both Active Directory. I would like to migrate all users from both over toa new "Internal with LDAP Authentication" user directory and delete the two legacy ones. Must maintain permissions, etc.
I found this article but the comment saying it only copies not migrates has stopped me using that one. It was handy to find the users in each directory however.
I have a method that might work, however is not support and involves some database sorcery :D, so if you decide to try this, set up a test instance to try this, if it works fine and you decide to give prod a go, backup your production database and application directories before trying to apply this on production:
This method will tie all users that are not members of the internal user directory into to the "new directory", once they try to authenticate confluence will update the external id.
Another key point is that this method will only works for Confluence on versions 5.3 to 5.5.2, if we ever change our table structure again in future versions this not might work.
Lastly, as I said before, this is a pretty invasive method, which is not supported by us (support team) and is not recommended at all to try in production without testing, however I believe it worth a shot doing into a test env :).
Hope it helps.
funnily enough I will be doing exactly that in 9 days, but I'm hoping that all I will really need to do is update the existing user directory with the new LDAP server settings. If not then yes I imagine the same process above will take care of it. I'll update here how it goes.
I found an easier way for Confluence > 5.7, since the group memberships are merged in case of duplicate users.
use case :
* initial state : 1 internal user directory, with some usernames matching LDAP
* target state : 1 internal user directory + 1 delegated LDAP dir for LDAP users authentication.
By configuring the delegated LDAP with the "copy user on login" and by adding them to a newly created group to identify which ones are created, I managed to have the user who were in the internal directory byt also in the LDAP authentify themselves from the LDAP, while users that were only in the internal directory (and not the LDAP) were not impacted.
Following up at last in case anyone reads this in future, just tried this on a test server - it works!
Only changes worth mentioning, in the new Delegated directory i had to tick Sync Group Membership, and Ijust had to fix a couple of quick internal group memberships that didnt come across. I also did not need to do steps 3, 16 & 17.
Happy to move onto the live server now.
This community is celebrating its one-year anniversary and Atlassian co-founder Mike Cannon-Brookes has all the feels.Read more
Hi Community! Kesha (kay-sha) from the Confluence marketing team here! Can you share stories with us on how your non-technical (think Marketing, Sales, HR, legal, etc.) teams are using Confluen...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs