I have logged into JIRA with admin rights. I have written a code to deactivate the users who are not logged in from last 6 months. But i see that users who are part of Internal Directory are marked as in active but users from Active directory are not. So how can i make my code works for both the directory users.
Below is my code.
import com.atlassian.crowd.embedded.api.CrowdService
import com.atlassian.crowd.embedded.api.UserWithAttributes
import com.atlassian.crowd.embedded.impl.ImmutableUser
import com.atlassian.jira.bc.user.UserService
import com.atlassian.jira.component.ComponentAccessor
import com.atlassian.jira.user.ApplicationUser
import com.atlassian.jira.user.ApplicationUsers
import com.atlassian.jira.user.util.UserUtil
int numOfDays = 8
Date dateLimit = (new Date())- numOfDays
StringBuffer st = new StringBuffer();
UserUtil userUtil = ComponentAccessor.userUtil
CrowdService crowdService = ComponentAccessor.crowdService
UserService userService = ComponentAccessor.getComponent(UserService)
ApplicationUser updateUser
UserService.UpdateUserValidationResult updateUserValidationResult
long count = 0
userUtil.getUsers().findAll{it.isActive()}.each {
UserWithAttributes user = crowdService.getUserWithAttributes(it.getName())
String lastLoginMillis = user.getValue('login.lastLoginMillis')
if (lastLoginMillis?.isNumber()) {
Date d = new Date(Long.parseLong(lastLoginMillis))
st.append("date is " +d);
if (d.before(dateLimit)) {
updateUser = ApplicationUsers.from(ImmutableUser.newUser(user).active(false).toUser())
updateUserValidationResult = userService.validateUpdateUser(updateUser)
if (updateUserValidationResult.isValid()) {
userService.updateUser(updateUserValidationResult)
st.append("Final result of Updated Users are::: " +updateUser.name)
log.info "Deactivated ${updateUser.name}"
count++
} else {
log.error "Update of ${user.name} failed: ${updateUserValidationResult.getErrorCollection().getErrors().entrySet().join(',')}"
}
}
}
}
"${count} users deactivated.\n"
st.toString();
Hi Prasanna,
In most setups, Active Directory users cannot be modified in JIRA. If you're using the Microsoft Active Directory user directory type, all users meeting a specific criteria in AD (usually filtered by OU or specific group membership) are synced into JIRA.
From the User Directories page, check and see what setup you have. If it's "Microsoft Active Directory (Read Only, with Local Groups)" for your AD, you can't modify the users in JIRA.
What you want to do requires you to be using the "Internal with LDAP Authentication" directory type. This directory can be more of a pain to manage than the standard AD directory type, but allows you to manage user properties (like active/inactive) within JIRA.
If you're unable to look into changing directory types to meet your requirements (it can be a big job to move them), I might suggest using an AD group as your filter criteria in your Microsoft Active Directory user directory type. When you remove users from what it's looking for to sync, they will become inactive in JIRA. You can use the script you've got going or some SQL to generate the inactive users list, then use a PowerShell script to remove them from whatever AD group you have / can set up to control JIRA access.
Cheers,
Daniel
P.S. If you feel like this answer helped, please hit the checkmark to the left to mark it as answered. This helps us focus our efforts on unsolved questions. Thanks!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.