Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Crowd: Migrating from Crowd internal directory to Microsoft Active Directory

Ben Scutt March 11, 2015


We have been using Crowd with an internal directory of users for SSO between JIRA, Confluence, Stash and Bamboo for the last few years.

We are now migrating over to using Microsoft Active Directory as our primary directory on Crowd. I have set up a stage environment to test, and have successfully created a new Microsoft Active Directory directory and imported all the relevant user and groups.

However the problem is that everyone will get new account for our applications as this is a new directory. Is it possible to either disable all the accounts in our old Crowd Internal Directory and link them to the new account in the Microsoft Active Directory? Or to merge the directory/accounts?

The end goal is that people who previously had an account in the Crowd internal directory would still be able to see all thier previous history/issues in JIRA/Confluence etc when we migrate over to the MS Active Directory.

Thanks in advance.



1 answer

1 accepted

1 vote
Answer accepted
Jobin Kuruvilla [Adaptavist]
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
March 11, 2015

As long as the user name matches, you can just put the AD user directory on top of the internal user directory and everything should work fine.

Keep an eye on the permissions as the user groups will have to be either created in AD or aggregated from both directories.

Ben Scutt March 20, 2015

Thanks - I didn't think it would be that simple! The usernames where slightly different between the directories - I have to manually re-name the users in the old directory, and sync all the apps with crowd before adding the AD user directory, to preserve the users' history.

Like Kyle Rosier likes this
Timothy Harris June 28, 2016

Well, I must be doing something wrong them as I end up with a new user. Seems t hapen to a user that had a user name that did NOT match what was in AD. I tried renaming the user prior to importing from Crowd directory. But it didn't seem to help sad 

Kyle Rosier February 24, 2020

@Jobin Kuruvilla [Adaptavist] could you please clarify where you're prioritizing the user directories? In Crowd you create an application and then add directories to the application. You can order the directories there, within Crowd, to prioritize them.

Then on the application side (i.e. JIRA) you add a user directory from Crowd, which is the "application" on the Crowd side. Here you can also order the directories to prioritize them.

I'm currently trying to figure out how to achieve the same thing that Ben was originally asking about. Do I setup my AD directory as a separate "application" in Crowd, and then add my internal Crowd and AD directories as separate User Directories in JIRA? Or do I add both directories to the same "application" in Crowd, and add that single entity as a User Directory to JIRA?

Kyle Rosier February 26, 2020

I figured out that the directory prioritization occurs within the 'Application' in Crowd. You don't need to add a new user directory on the application side, or even edit the existing Crowd user directory configuration on that end.

  1. Add the Active Directory (AD) user directory to Crowd.
  2. Create groups for the new directory and add users to those groups as necessary.
  3. Update the username of any users in other directory(s) to match the username to merge with in the new AD directory.
  4. Sync application (i.e. Jira) with Crowd to get username changes.
  5. Add the AD user directory to the application in Crowd, ordering it above the directory(s) of exiting users that will be "merged".
  6. Assign groups that can authenticate to the application for the AD user directory (or assign all via checkbox option).
  7. Sync application (i.e. Jira) with Crowd to get the new groups. Assign new groups as necessary per application (i.e. for Jira, use the Application Access administration page).
Carlos Chang May 27, 2021

@Kyle Rosier Thanks for the detail walkthrough, I have a question:

In step2, can I bulk add users to the group? I've tried import from CSV but I can not only import group membership file plus I have no permission to edit external AD.

Kyle Rosier June 7, 2021

I haven't used the CSV import functionality. When I added the AD user directory to Crowd, it pulled in all the users that way. I then created groups in Crowd (configured to not write back to AD) and added AD users (in Crowd) to those groups. I believe at that point I was able to add one or many users at a time to a group.

Suggest an answer

Log in or Sign up to answer
AUG Leaders

Atlassian Community Events