Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Is a Jira internal directory admin account required when using LDAP?

Kevin Paulus
Kevin Paulus
Contributor
October 3, 2022

Our internet security boss wants "ALL" internal directory accounts removed.  We use an LDAP directory (read-only with local groups).  As the system admin, I have my LDAP account, but also two internal directory accounts used for access when the corporate exchange server is offline or when I need to replicate the permissions of another user's account to provide troubleshooting assistance.

Answer
Watch
Like Be the first to like this
690 views

1 answer

1 accepted

3 votes
Answer accepted
Florian Bonniec
Florian Bonniec
Community Champion
October 3, 2022

Hi @Kevin Paulus 

I do not recommand to remove all internal account but keep at least 1 user admin. If you remove all of them and have an issue with your AD, you will be locked from JIRA. Same if the user account to connect to the AD changed you will not be able to log in again into JIRA. More over you cannot edit the directory you "come from" so if you want to update the AD Directory you need an account that do not come from this AD.

 

Regards

View More Comments
Kevin Paulus
Kevin Paulus
Contributor
October 3, 2022

Thank you Florian,
            I think its a case of educating the boss on how the software they bought works.  I'm sure they will point to the recovery mode as the recommended process, but we have been there previously and that is just not as simple as the instructions claim.   I was hoping to find a direct statement in the software documentation that better explains the purpose of the internal directory.  I am still looking. 

Like
Florian Bonniec
Florian Bonniec
Community Champion
October 3, 2022

The process of the recovery user is defined below.

https://confluence.atlassian.com/jirakb/restore-passwords-to-recover-admin-user-rights-972329273.html

I would say that it's less an issue than before since you do not have downtime since JIRA DC.

It also require access to the node system, so in big company it can be an isue as it will not be reactive enough.

 

Regards

Like
Kevin Paulus
Kevin Paulus
Contributor
October 5, 2022

@Florian Bonniec ,
          We're not in DC yet but are working our way up that path.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
DEPLOYMENT TYPE
SERVER
VERSION
8.20.1
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security