We currently have jira and confluence server applications. We are using Jira internal user directory for both jira and confluence. Half of these users also use ldap for authentication only.  We migrated from jira cloud a few years back and all of our usernames were first initial lastname (ex; chughes) so these users could not use ldap auth. We would need  to write sql scripts to change their usernames to match their ldap username (ex: corey.hughes) in order to use AD ldap authentication. 

Our corporate IT is wanting all users to use AD ldap directory only but considering we use a lot of jira internal security groups this would be a lot of work.   Would crowd enable users to use their AD ldap account to access JIRA and Confluence and allow me to use jira security groups?   Any advice on the best route I should take to tackle these issues?