Merge users when UPN changes in Active Directory

ryan@thecloud.net.nz February 6, 2013

We have Jira/Confluence set up to use our LDAP server as the authentication server, using the user principal name as the name attribute and the object filter

(&(objectCategory=Person)(sAMAccountName=*)(memberOf=cn=atlass_company,ou=company,ou=company,dc=company,dc=local))

which allows us to log in to our Atlassian products using our email address and domain password.

Due to some internal shuffling in our company, we have had to change the email addresses and subsequently the user principal names of a couple of our staff members. This has caused duplicate users to be created using the new UPN and email addresses, which means that we have exceeded our licence cap, and all of the content created by those users is tied to an obsolete account.

Is there any way for us to merge these accounts, or to delete the old accounts that are no longer used?

4 answers

1 vote
Ryan Goodwin
February 6, 2013

Hi Ryan,

The merging of accounts as you call it is not impossible, but it requires a lot of manual manipulation of the database and can lead to unexpected results.

The safest bet is going to be to disable user accounts that are no longer used. When you disable an account, any content the user has created will still be accessible, but that user should not be counted against the license count.

If there are a large number of users, you might want to use the Confluence CLI and script the removal of the users.

0 votes
Andy Cippico November 19, 2014

Hi Ryan, we're in the same boat. Did you ever find a way to resolve the new UPN problem?

0 votes
johnrock fellerz March 10, 2013

hi

ADManager Plus is a comprehensive web-based Microsoft Windows Active Directory Management software that simplifies User provisioning and Active Directory administration with complete security. It provides a complete set of active directory management tools to administrators for efficient management of active directory. The solution features a single console from which IT management can view and manage Active Directory users, computers, contacts, groups and generate reports for all the domains, servers or any specific domain in Active Directory environment from a central location. ADManager Plus also enables the administrator to delegate repetitive, simple, time consuming tasks to non-administrative users / helpdesk in a completely secure manner and also allows for controlled automation of Active Directory. ADManager Plus avoids manual, error prone administrative activities on Active Directory and saves time and cost. IT administrators can now perform the following list of activities on their Active Directory using ADManager Plus.

Link: http://www.manageengine.com/products/ad-manager/active-directory-management.html

0 votes
ryan@thecloud.net.nz February 23, 2013

Due to the fact that this is an unsupported feature, we have decided not to attempt to edit the database. The users have been disabled and everything is working, however we lost the ties between the users whose UPN changed and the content they had created.
