What does "Migrate users from one directory to another" do?

Peter Trubshaw August 21, 2012

I am currently using internal Jira directory for user management and would like to migrate all the existing users to an Internal directory with LDAP Auth.

I have set up an Internal directory with LDAP authentication and people can log in (as far as the UserObjectFilter is set up) and default groups are set correctly for new users.

In order to minimise disruption I expected to have to migrate all of the users manually, i.e., create duplicates of users in the new directory, assign them to their existing groups and then disable old users, then find a way to re-assign issues to the new users and figure out some way to reassign saved filters, dashboards, etc. to the new users.

Then I see the link that says "Migrate users from one directory to another"

Does this simply move all users to the new directory with no changes? It keeps all ticket assignees, Issues filters, dashboards, users assigned to custom fields, timesheets, Tempo etc.? (i.e., probably just changes the directory id of the user behind the scenes?)

But I can't find any documentation about what this button actually does.

If this is the case then all I would have to do is to migrate the users, then change their logins (manually mung them in the db) to match their AD equivalents (i.e., they are currently firstname.lastname, but AD has firstInitialLastName).

Anyone have any idea how I can test this?

5 answers

1 accepted

0 votes
Answer accepted
trevorcampbell August 27, 2012

Harry Chan is exactly correct here.

This allows users to connect their JIRA to an LDAP server for authentication and not need to reenter the user details for all the users currently enrolled, or if required to disconnect their JIRA from LDAP and use JIRA's authentication. Of course the passwords are not migrated in either case.

Peter Trubshaw August 28, 2012

I kinda figured that, but how does it match users? Do their logins need to be the same in the internal dir and LDAP to make this worthwhile, or can I migrate them and then change their logins to match LDAP?

Harry Chan
Rising Star
August 28, 2012

It will try to match what's in LDAP.

Andreas Gounaris
Rising Star
August 28, 2012

There is a matching between the username field in Jira and sAMAccountName in LDAP (or whatever is set in the LDAP Schema's username attribute field).

2 votes
Teck-En
Atlassian Team
August 28, 2012

The "Migrate users from one directory to another" button should just migrate all the internal users from the internal directory to the delegated directory. From there, your users will be authenticated against the configured LDAP. It simply shifts the directory from one to another.

But if there is any mixed-case difference between the username in JIRA and the one in LDAP, you may need to change the username to lowercase, as mixed-case users (in either JIRA or LDAP) have caused quite a few known issues in JIRA.

1 vote
Andreas Gounaris
Rising Star
August 28, 2012

A very useful tip I got from Atlassian support for doing the migration is to rename users to match the LDAP user ID in the XML.

Thus, you do the export, edit the XML and change all userIDs to the correct LDAP name and then import back again.

Then, you click the link "Migrate users from one directory to another", as long as the new directory is of type "Delegated LDAP Authentication".

Note that you have to be extremely careful during find and replace. Usernames might be included in other places as well, an email address for instance.

Peter Trubshaw September 2, 2012

Hi Andreas,

Are you suggesting we back up all of Jira, update the XML and then restore? Or is there some way that we can do this with the user directory?

Andreas Gounaris
Rising Star
September 2, 2012

Yes, that's what is said. Renaming user IDs is not supported, and you must ensure they all match LDAP prior to migrating them.
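
A pre-migration check for the username matching described in the answers above (Jira username against the LDAP username attribute, lowercase preferred), as an added example that is not from the thread or from Atlassian. It assumes (username, email) pairs exported from Jira and (sAMAccountName, mail) pairs exported from AD, with e-mail as the join key; the sample data and the name `plan_renames` are constructed.

```python
from collections import defaultdict

# Constructed sample exports, not data from the thread.
JIRA_USERS = [  # (username, email) from the Jira internal directory
    ("alice.jones", "alice.jones@example.com"),
    ("BWong", "bob.wong@example.com"),
    ("carol.diaz", "carol.diaz@example.com"),
    ("dave.kim", "shared@example.com"),
    ("erin.lee", "erin.lee@example.com"),
    ("ajones", "adam.jones@example.com"),
    ("frank.osei", "frank.osei@example.com"),
]
LDAP_USERS = [  # (sAMAccountName, mail) from AD
    ("ajones", "Alice.Jones@example.com"),
    ("bwong", "bob.wong@example.com"),
    ("dkim", "shared@example.com"),
    ("svc-build", "shared@example.com"),
    ("erin.lee", "erin.lee@example.com"),
    ("fosei", "frank.osei@example.com"),
]

def plan_renames(jira_users, ldap_users):
    """Pair accounts on e-mail (an assumption) and report what must change."""
    by_mail = defaultdict(list)
    for sam, mail in ldap_users:
        by_mail[mail.strip().lower()].append(sam.lower())
    ldap_names = {sam.lower() for sam, _ in ldap_users}
    taken = {name.lower() for name, _ in jira_users}
    keys = ("case_only", "unmatched", "ambiguous", "collisions", "wrong_owner")
    report = {"renames": {}, **{k: [] for k in keys}}
    for name, email in jira_users:
        matches = by_mail.get(email.strip().lower(), [])
        if len(matches) > 1:
            report["ambiguous"].append(name)    # shared mailbox: decide by hand
        elif not matches:
            # Same login exists in LDAP under another mailbox: once migrated,
            # that LDAP user's password would authenticate this Jira account.
            kind = "wrong_owner" if name.lower() in ldap_names else "unmatched"
            report[kind].append(name)
        elif matches[0] == name:
            continue                            # already identical to LDAP
        elif matches[0] == name.lower():
            report["case_only"].append(name)    # mixed case only: lowercase it
            report["renames"][name] = matches[0]
        elif matches[0] in taken:
            report["collisions"].append(name)   # target login already in Jira
        else:
            report["renames"][name] = matches[0]
    return report
```

Resolve everything outside `renames` by hand before editing the XML export or clicking the migrate link; `wrong_owner` and `collisions` are the cases where a blind rename or migration would attach one person's LDAP credentials to another person's Jira history.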
0 votes
Harry Chan
Rising Star
August 26, 2012

Hi, this JIRA issue - https://jira.atlassian.com/browse/JRA-24213 might provide more information. 1.1 and 1.2 are what got implemented in JIRA 5.0 and are the functionality being discussed here.

0 votes
Andreas Gounaris
Rising Star
August 26, 2012

I'm really interested in this too. I thought after the user logs in using its AD credentials and its account is created in Jira, I could use a merge script (Groovy Runner) to migrate issues, group memberships and all other user references to the new account (the AD). That would leave me with one account per user, from the AD directory.

Unfortunately, the script fails somewhere in the middle of the migration. According to Jamie (GroovyRunner), the script doesn't support users from different directories.

So, that leaves us with the option to use the command "Migrate users from one directory to another". I wish we could have some kind of documentation and a couple of case studies from Atlassian.

The moment I get an answer from them, I'll post my findings.

Anyone else with an idea?
