It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

How to update LDAP bind account password with command line not via GUI in Jira and Confluence?

Hi All,

 

We own more than 60 Atlassian server that we had an activity that we need to update the ldap bind account password regularly, manual change takes 4 hours from GUI.

 

Support said that this process can not be automated and no API called available,

 

Have anyone manage to find a way to manage that?

 

 

1 answer

0 votes
Andy Heinzer Atlassian Team Sep 19, 2019

Hi Mai,

I see that you have had previous support cases about this ability to quickly change the LDAP credentials for multiple Atlassian products.   I also see that you have already rejected the idea of direct SQL changes, as this does require either the application to be restarted or a cache to flushed, so I won't bore you the idea of trying to make changes in SQL. I also saw a suggestion to use a 3rd party plugin to help automate this.  Additionally, I found the pair of feature requests for this in

With all of those avenues already explored, I have a question for you:

Have you considered implementing Atlassian Crowd to help here? 

Instead of directly connecting your Jira and Confluence instances to an LDAP server, you could instead add a new Crowd user directory for each Jira/Confluence you run.  Then within a single Crowd application, you can add your LDAP instance only once.   This way, your Jira and Confluence sites don't have to manage these LDAP connection credentials locally, they can just depend on Crowd to manage and handle that.

The major benefit I see to this approach is that if this is the same LDAP server, you only have to change those credentials once in Crowd.  The drawback is, well, you would be dependent upon Crowd and there would be an additional license cost associated with this.  However for your situation where you have lots of Atlassian applications connected to the same LDAP site, it seems like this approach could be a big time saver.

I hope this helps.

Andy

In fact I can not accept this as answer as well :)

for a large enterprise we have many BU (Business Units) distributed all over the  globe each uses its own Atlassian servers that are not shared with other BUs and an ldap server per site, that mean I have to ask for a crowd server per site which will cost a lot adding the difficulty of idea of sharing it between BUs, so instead of Atlassian do a simple change in their tool we pay for additional crowd servers, restructure our work  adding that after all this it will not fix the issue as the crowd server point to the ldap server that I have to reset the ldap bind account for each x number of days manually again !!

Atlassian needs to enhance their tools to accept API calls that can do that, I know that there is a feature request but that doesn't mean it will be implemented soon.

 

Regarding the plugin I have been directed too, its paid license :) so i should pay almost 20K to get one for each server, which is again not a solution.

Suggest an answer

Log in or Sign up to answer
Community showcase
Posted in Jira

Demo Den Ep. 7: New Jira Cloud Reports

Learn how to use two new reports for next-gen projects in Jira Cloud:  Cumulative flow diagram and Sprint burndown chart. Ivan Teong, Product Manager, Jira Software, demos the Cumulative ...

375 views 1 3
Join discussion

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you