Administrator Cannot Login After Reordering User Directories
Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.
Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Symptoms
After reordering User Directories in JIRA, an administrator cannot log in despite providing correct credentials.
Cause
There is a duplicate user with the same username in a directory with a newly-reordered higher position. Currently, JIRA does not support 'shadowed' users. This is a known limitation tracked in JRA-23861 - An admin can lock themselves out of JIRA by changing the order of the User Directories.
Resolution
Option 1:
Request the assistance of another administrator and ask them to revert the ordering modification.
Option 2:
Temporarily disable the directory in the higher position with help of SQL.
Always back up your data before making any database modifications. If possible, test any alter, insert, update, or delete SQL commands on a staging server first.
List all currently defined directories:
1 2 3 4 5 6 7select id, directory_name, active from cwd_directory; ID DIRECTORY_NAME ACTIVE ----- ----------------------- ------ 10102 AD win2k8 1 1 JIRA Internal Directory 1 10106 Active Directory server 1 3 row(s) in 0 msDisable the conflicting directory. In our example we will disable directory with ID 10102:
1update cwd_directory set active=0 where id=10102Restart Tomcat in order to apply the change.
Was this helpful?