What does "Migrate users from one directory to another" do?

I am currently using internal Jira directory for user management and would like to migrate all the existing users to an Internal directory with LDAP Auth.

I have set up a Internal directory with LDAP authentication and people can login (as far as the UserObjectFilter is set up) and default groups are set correctly for new users.

In order to minimise disruption I expected to have to migrate all of the users manually. ie - create duplicates of users in the new directory, assign them to their existing groups and then disable old users, then find a way to re-assign issues to the new users and figure out some way to reassign saved filters dashboards etc to the new users.

Then I see the link that says "Migrate users from one directory to another"

Does this simply move all users to the new directory with no changes? it keeps all ticket assignees, Issues filters, dashboards, users assigned to custom fields. timesheets, Tempo etc? (ie probably just changes the directory id of the user behind the scenes?)

but I cant find any documentation about what this button actually does?

If this is the case then all I would have to do is to migrate the users, then change their logins (manually mung them in the db) to match their AD equivelence (ie they are currently firstname.lastname, but AD has firstInitalLastName).

anyone have any idea how I can test this?

5 answers

1 accepted

Harry Chan is exactly correct here.

This allows users to connect their JIRA to an LDAP server for authentication and not need to reenter the user details for all the users currently enrolled, or if required to disconnect their JIRA from LDAP and use JIRA's authentication. Of course the passwords are not migrated in either case.

I kind-a figured that, but how does it match users? do their logins need to be the same in the internal dir and Ldap to make this worth while - or can I migrate them and then change their logins to match ldap?

It will try to match what's in LDAP.

There is a matching between username field on Jira and sAMAccountName on LDAP(or whatever is set in the LDAP Schema's username attribute field).

"Migrate users from one directory to another" button should just migrate all the internal user from internal directory to the delegated directory. From there, your user will be authenticate to the configured LDAP. It simply just shift the directory from one to another.

But if you're using any mixed case difference between the username in JIRA and the one in LDAP, you may need to replace the username to lowercase as the mixcase user(either JIRA or LDAP) caused quite some known issues in JIRA.

A very usefull tip I got fro Atlassian support for doing the migration is to rename users to match the LDAP user ID in the XML.

Thus, you do the export, edit the XML and change all userIDs with the correct LDAP name and then import back again.

Then, you click the link "Migrate users from one directory to another", as long as the new directory is of type "Delegated LDAP Authentication"

Note that you have to be extremely carefull during find and replace. Usernames might be included in other places as well, an email address for instance.

Hi Andreas,

Are you suggesting we backup all of Jira, update the xml and then restore? or is there some way that we can do this with the user directory?

Yes, that's what is said, renaming user IDs is not supported and you must ensure they all match with LDAP prior migrating them.

I'm really interested on this too, I thought after the user logs in using its AD credentials and its account is created in Jira, I could use a merge script (Groovy Runner) to migrate issues, group memberships and all other user references to the new account (the AD). That would leave me with one account per user, from the AD directory.

Unfortunatelly, the script fails somewhere in the middle of the migration. According to Jamie (GroovyRunner), the script doesn't support users from different directories.

So, that leaves us with the option to use the command "Migrate users from one directory to another". I wish we could have some kind of documentation and a couple of case studies from Atlassian.

The moment I got an answer from them, I'll post my findings.

Anyone else with an idea?

Hi, this JIRA issue - https://jira.atlassian.com/browse/JRA-24213 might provide more information. 1.1 and 1.2 is what got implemented in JIRA 5.0 and is the functionality being discussed here.

Suggest an answer

Log in or Join to answer
Community showcase
Sarah Schuster
Posted Jan 29, 2018 in Jira

What are common themes you've seen across successful & failed Jira Software implementations?

Hey everyone! My name is Sarah Schuster, and I'm a Customer Success Manager in Atlassian specializing in Jira Software Cloud. Over the next few weeks I will be posting discussion topics (8 total) to ...

3,319 views 14 20
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you
Atlassian Team Tour

Join us on the Team Tour

We're bringing product updates and pro tips on teamwork to ten cities around the world.

Save your spot