It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

How to migrate jira accounts from local to LDAP?

How should I migrate a Jira using local accounts to one that is using, mostly, LDAP accounts.

The system has the following authentication setup: #1 mecanism an Active Directory (LDAP) and 2nd the local directory. This setup requires all users with accounts that do match LDAP account id to enter LDAP password, even if they could have a different password for the local account. (That's OK)

I have almost 1000 local users which have to be migrated to LDAP, sometimes with account rename.

I know about the Groovy Runner plugin which can rename and merge accounts.

Which should be the proper workflow in order to achieve this without too much trouble for the admin and also for the users.

The most important part: I want to be sure that if the LDAP account is disabled the user loose the access to the system.

Currently if you are using a dual-configuration and you have the same account name in both LDAP and local directory, the user will not loose access to the system.

3 answers

1 accepted

Hi Sorin,

There is also a JAC ticket with a lot of workarounds (in the comments) and suggestions to achieve this need for this same purpose here: https://jira.atlassian.com/browse/JRA-24213

Hope this helps!

Regards,

To those interested the solution is to rename all the accounts to match the LDAP usernames. For Jira pre 6.x this can be done via a third party plugin, or with Jira 6.x+ from inside Jira. For migrating the groups you can use REST to automate the process.

Hi, are you using JIRA 5.x? At the moment JIRA 5.x can migrate from local accounts to local accounts with LDAP as per this ticket. The ticket also lists potential ways to do this manually. If you are using full LDAP and other forms of Auth, please refer to this ticket, which is still to be implemented.

Unfortunately for now the best method in your case should be using Groovy RUnner or similar.

Cheers,

Migrating users from one directory to another.

About:

Currently if you are using a dual-configuration and you have the same account name in both LDAP and local directory, the user will not loose access to the system.

Is your LDAP directory in the first position of the user directories list? I think this should not happen in that case.

Suggest an answer

Log in or Sign up to answer
Community showcase
Posted in Jira

Calling all Jira Cloud users! Give us feedback on our exploration of a new navigation.

Hi everyone! My name’s Matt and I’m a product manager at Atlassian. I work in the navigation & findability space for all our Jira Cloud products. We’ve been working on trying to improve the exp...

1,060 views 16 12
Join discussion

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you