It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Update LDAP info for imported users who haven't logged in yet

I'm in the middle of transferring my users and issues from our existing 4.4.3 Jira server(Ottawa) to a new 5.2.2 server in Sweden. I have three majors issues to address:

  1. Upgrading from 4.4.3 to 5.2.2. I have modified numerous aspects of Jira:
    - velocity email templates
    - external perl scripts for process control with my SVN repositories
    - groovy scripts in my Workflows

  2. My Ottawa userids do not match up with my new userids in Sweden.
    I know there is a whole Jira issue discussion on how Jira does not support renaming users. It was a toss up between editing and manipulating MySQL code and database tables(that aren't officially documented) or post-process the Jira backup XML file. Since the Swedish server is a brand new instance, I went with the latter and successfully imported all my projects and remapped userids (to their Swedish counterparts) but now for the third issue.

  3. The recommended method for accessing the LDAP data differs between the small company
    Ottawa setup using "MicroSoft Active Directory" and the large ldap implementation in Sweden using "Generic Directory Server (Internal with LDAP Authentication)".

The first two cases are being handled well. With the third case, I have noticed that the converted userids have no LDAP data (i.e. like their full name) until the user logs in for the first time. I'm assuming it is a caching issue. I need the LDAP info like their real full names else problems will arise especially when searching for issues. i.e. I know a person's full name but with their associated userid is not always obvious.

Question#1: How can I force Jira to update its LDAP cache for the 180 users that were part of the existing import without having all of them log in for the first time?

I really don't want to send out a broadcast email giving some lame excuse to log into the new Jira site. As well, most of the users will still ignore the email until they really need to log into Jira for the first time.

Any ideas, thanks Brent

2 answers

1 accepted

0 votes
Answer accepted

In the end, I used the Directory type: "Microsoft Active Directory" which would allow each LDAP definition to be 'synchronized" on a periodic basis.

Your question is so thoroughly written, that I am hesitating to write my (out of head) thoughts ;-)

  • I would go into scriptrunner and start to tweak with DirectoryManager - as I did in my another answer. IMHO you need dig into DelegatedAuthenticationDirectory
  • If it would not help, I would temporary reset user password and write script for logging all users.

Suggest an answer

Log in or Sign up to answer

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you