Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Disable LDAP authentication Command Line - Locked out of Jira

FreeSoftwareServers
FreeSoftwareServers October 7, 2016

So I setup LDAP Auth and tested configurations fine. Everything went great, so I logged out and went to log in.

Now I can't log in via LDAP or my local User. It just keeps giving me Captcha's and saying either your not permitted to login, or your login requires a captcha.

I have CLI access to the server, there has got to be a way for me to recovery my JIRA Instance! This is really a HUGE deal to be locked out of Jira. I am 99% sure I didn't disable Local Login, but its below LDAP on the list of methods to use. I cant even log in via my LDAP user anymore, but they don't have admin rights....

How can I disable/delete the LDAP configs from the CLI?

Answer
Watch
Like Be the first to like this
1810 views

1 answer

1 vote
FreeSoftwareServers
FreeSoftwareServers October 8, 2016

https://confluence.atlassian.com/jira/retrieving-the-jira-administrator-192836.html

Add a new 'localadmin' user with the password sphere:

mysql -uroot -p
use jiradb;
insert into cwd_user values (999999,1,'localadmin','localadmin',1,'2012-01-04 19:49:05-08','2012-01-04 19:49:05-08','local','local','admin','admin','local admin','local admin','localadmin@localadmin.com','localadmin@localadmin.com','uQieO/1CGMUIXXftw3ynrsaYLShI+GTcPS4LdUGWbIusFvHPfUzD7CZvms6yMMvA8I7FViHVEqr6Mj4pCLKAFQ==',NULL,NULL);
insert into app_user values(999999,'localadmin','localadmin');
insert into cwd_group(id, group_name, lower_group_name, active, local, created_date, updated_date, description, lower_description, group_type, directory_id)
values ( '888888','jira-administrators','jira-administrators',1,0,'2011-03-21 12:20:29','2011-03-21 12:20:29',NULL,NULL,'GROUP',1);
insert into cwd_group(id, group_name, lower_group_name, active, local, created_date, updated_date, description, lower_description, group_type, directory_id)
values ( '777777','jira-users','jira-users',1,0,'2011-03-21 12:20:29','2011-03-21 12:20:29',NULL,NULL,'GROUP',1);
insert into globalpermissionentry (id, permission, group_id) values (555555,'SYSTEM_ADMIN','jira-administrators');
insert into globalpermissionentry (id, permission, group_id) values (444444,'ADMINISTER','jira-administrators');
insert into globalpermissionentry (id, permission, group_id) values (333333,'USE','jira-users');
update cwd_directory set active = 1 where id = 1;
flush privileges;
quit;
sudo service jira stop && sudo service jira start

This didn't actually disable LDAP, but gave me a localadmin to log in as to do what I needed in the WebGUI like disable LDAP and change users etc etc.

View More Comments
devopsinfoltd
devopsinfoltd October 5, 2018

You have missed couple of query, due to which when you'll try to login, it'll throw an error:

You do not have a permission to log in. If you think this is incorrect, please contact your Jira administrators.

 

insert into cwd_membership values (666666,888888,999999,'GROUP_USER','','jira-administrators','jira-administrators','localadmin','localadmin',1);
insert into cwd_membership values (555555,777777,999999,'GROUP_USER','','jira-users','jira-users','localadmin','localadmin',1);
Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events