How Do I Migrate Crowd Internal Directory Users to a Delegated LDAP Directory?
Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.
Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
This page contains information about an action that is not supported. It is provided as is, for use at your own risk.
Normally, attempts to use the Directory Importer to import Crowd Internal Directory users into a Delegated LDAP directory would be greeted with this error: "User Encryption Algorithms must match between directories". The following steps will help you migrate these internal users into a Delegated LDAP Directory.
Identify the directory ID of the Crowd Internal Directory, and the target LDAP Delegated Authentication Directory from this query (run against the Crowd database):
SELECT * FROM cwd_directory;Backup the Crowd database
Use the directory IDs in the following queries. Note that this will remove all users, groups and memberships from the source directory [Crowd Internal] and put them in the destination directory [Delegated LDAP]. Be sure to replace <destinationid> with the Delegated LDAP Directory's ID, and <sourceid> with the Crowd Internal Directory's ID:
UPDATE cwd_user SET directory_id = <destinationid> WHERE directory_id = <sourceid>; UPDATE cwd_group SET directory_id = <destinationid> WHERE directory_id = <sourceid>; UPDATE cwd_membership SET directory_id = <destinationid> WHERE directory_id = <sourceid>; UPDATE cwd_group_attribute SET directory_id = <destinationid> WHERE directory_id = <sourceid>; UPDATE cwd_user_attribute SET directory_id = <destinationid> WHERE directory_id = <sourceid>;To prevent the loss of users in the original Crowd Internal Directory, you can first create another Internal Directory, and import users, groups and memberships to that new directory. Then use the new Internal Directory's ID in the queries above.
Was this helpful?