block users during maintenance

Thank you. I choose to follow your last suggestion, as it is the easiest to implement quickly.

For others needing a quick guide to this, go to "Administration > Users > Global Permissions", to the line "JIRA Users", and [Delete] all groups (first making a note of them all, so as to restore the permission after the maintenance is completed).

Any users or groups with the "JIRA System Administrators" and/or "JIRA Administrators" permission (on this same page) will still be able to login. I am assuming that I will coordinate the maintenance period with any other users in these groups to avoid any conflicts.

After maintenance is completed, [Add] the Permission "JIRA Users" to the groups you noted earlier.

ciao - John.

The Apache way might not be the easiest to implement but it's by far the best. Removing global permissions will lead to permission denied error messages and disconcerted users.

I like the Apache way too because you can give folks a pacifier page.

Exactly. And the other way, you do stuff with jira down, while explaining to people what's going on and when they can expect it back.

Thanks to all -

JIRA is used internally, and I can shut it down without impacting users too much (I just need to time it correctly)

• I send users a timely message ("in 1 hour JIRA will be down")
• disable "JIRA Users" permission
• stop the JIRA service (to force all users out of the system)
  BTW: is there a monitor function somewhere to see if anyone is still using JIRA??
• after a cooling-down period, restart JIRA
• perform maintenance
• enable "JIRA Users"
• send a message that it's up and running

This is off topic, but just to clarify my situation:

I'm going through all this because we are changing all usernames from one LDAP domain to another, and each user is changing credentials from "personnel-number" to "firstname-lastname", and there is no supported JIRA method to change usernames (IDs). So I will backup to XML, edit the XML, and restore the data.

This is primarily due to JIRA not conforming to normalized relational database. JIRA is not using the primary key [ID] of the Users table as foreign key into other tables, but using the [username], thus making it incredibly difficult to change the username without having to change umpteen other links. What happens when someone gets married and changes their name?

If I do need to do this in the future, however, I will definitely look into "port change and pacifier page".

Thanks again for all your feedback.

ciao - John

We have Jira Software and Service Desk. Just system administrators are in Jira internal directory. Agents, customers and "normal" software users are defined with AD-sync. So disabling synced directories stops access for everyone except Jira administrators.
I think is a quite good approach if you meet this sceneario, because you don't have to involve other administrators (servers, networking, ...) of your organization. It's also quick and simple.

This is very similar to the method that I use as well, although I don't usually have a need to change the base url, just the port number.