Crowd: migrate Active Directory to new usernames

Michael Bachmann July 15, 2019

Hello,

we currently use Crowd to manage users that come from various directories, both internal crowd directories and external LDAP.

Now we have to move our main active directory to a new active directory, sadly with new usernames.

Would anyone have any suggestion on what's the best way to do such a migration?
Obviously all the content and history in the connected Jira and Confluence instances should be retained. At best our users shouldn't even notice the change, besides the new username.

Greetings,
Michael

2 answers

0 votes
Mirek
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
July 15, 2019
Michael Bachmann July 15, 2019

That sounds very promising, so aliases would allow our users to still use their old usernames and retain all their data. This would be a good workaround for the meantime.

But from my understanding of the documentation this only adds an additional username that can be used for login and does not change any associated data, therefore not really "migrating" data to the new users, correct?

I would much prefer to cleanly move over all the data to the new usernames.

Mirek
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
July 16, 2019

Then you might try simply changing username on old Active Directory (to the new one) then migrate to new Active Directory.  

0 votes
Michael Bachmann July 15, 2019

As a possible solution to my own problem I found the following approach:

  • import all old users from the active directory into an internal crowd directory
  • remove the old active directory
  • rename the old users to the new usernames
  • add the new active directory
  • remove the internal crowd directory

(probably do some synchronizations between these steps so that Jira and Confluence know of the new users)

Would this actually work and retain all the data?

khalil Mishal May 4, 2022

@Michael Bachmanndid that work for you?

Michael Bachmann May 9, 2022

Yes it did work in the end although it certainly was a hassle.
The synchronizations to Jira and Confluence inbetween these steps are the key to make it work and have to be in a very specific order and it's also better do disable periodic synchronizations in the meantime.

I also have to give a fair warning on this approach!
Only later we have found some users (~2-3 out of 140) where the "user id" (NOT the "user key") was the mail address instead of the generic "JIRAUSER123". I'm not entirely sure how that came to be.
This does create some issues when using various APIs to integrate Jira/Confluence with other applications.

You should definitely test this several times in a test environment and check all the data.

So if i recall correctly (I hope) my final approach was as follows:

  • import all old users from the active directory into an internal crowd directory (using a .csv file)
  • remove the old active directory
  • synchronize to Jira/Confluence and check if everything still works!
  • rename the old users to the new usernames in the internal crowd directory
  • synchronize to Jira/Confluence and check if everything still works!
  • add the new active directory
  • remove the internal crowd directory
  • synchronize to Jira/Confluence and check if everything still works!

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events