Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Update LDAP info for imported users who haven't logged in yet

Brent Webster
Brent Webster
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
February 10, 2013

Background:
I'm in the middle of transferring my users and issues from our existing 4.4.3 Jira server(Ottawa) to a new 5.2.2 server in Sweden. I have three majors issues to address:

  1. Upgrading from 4.4.3 to 5.2.2. I have modified numerous aspects of Jira:
    - velocity email templates
    - external perl scripts for process control with my SVN repositories
    - groovy scripts in my Workflows

  2. My Ottawa userids do not match up with my new userids in Sweden.
    I know there is a whole Jira issue discussion on how Jira does not support renaming users. It was a toss up between editing and manipulating MySQL code and database tables(that aren't officially documented) or post-process the Jira backup XML file. Since the Swedish server is a brand new instance, I went with the latter and successfully imported all my projects and remapped userids (to their Swedish counterparts) but now for the third issue.

  3. The recommended method for accessing the LDAP data differs between the small company
    Ottawa setup using "MicroSoft Active Directory" and the large ldap implementation in Sweden using "Generic Directory Server (Internal with LDAP Authentication)".


The first two cases are being handled well. With the third case, I have noticed that the converted userids have no LDAP data (i.e. like their full name) until the user logs in for the first time. I'm assuming it is a caching issue. I need the LDAP info like their real full names else problems will arise especially when searching for issues. i.e. I know a person's full name but with their associated userid is not always obvious.

Question#1: How can I force Jira to update its LDAP cache for the 180 users that were part of the existing import without having all of them log in for the first time?

I really don't want to send out a broadcast email giving some lame excuse to log into the new Jira site. As well, most of the users will still ignore the email until they really need to log into Jira for the first time.

Any ideas, thanks Brent

Answer
Watch
Like Be the first to like this
300 views

2 answers

1 accepted

0 votes
Answer accepted
Brent Webster
Brent Webster
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 22, 2013

In the end, I used the Directory type: "Microsoft Active Directory" which would allow each LDAP definition to be 'synchronized" on a periodic basis.

Reply
0 votes
Jozef Kotlár
Jozef Kotlár
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
March 4, 2013

Your question is so thoroughly written, that I am hesitating to write my (out of head) thoughts ;-)

  • I would go into scriptrunner and start to tweak with DirectoryManager - as I did in my another answer. IMHO you need dig into DelegatedAuthenticationDirectory
  • If it would not help, I would temporary reset user password and write script for logging all users.
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events