1

I'm in the process of migrating an existing installation of SCM-Manager 1.60 to 2.x. On the 1.60 the users were authenticated with the Atlassian Crowd plugin, which seems to not exist anymore in 2.x. Hence I configured the 2.x server to authenticate directly against the ActiveDirectory.

Now the users can't log in, even though the test of the LDAP plugin with the same credentials succeeds. After deleting a user for testing purposes I was able to log in with it with the LDAP authentication, so I assume users can only exist once with one user type. It a user of the type "crowd" exists he can't log in through LDAP.

This leads to the question: Can I somehow migrate all existing users from the type "crowd" to the type "ldap"?

I assume when I delete a user so he can log in with the new authentication method SCM-Manager will also delete all permissions he had on the 500+ repositories.

Gerald Schneider
  • 17,416
  • 9
  • 60
  • 78

1 Answers1

2

Repository permissions as well as memberships for groups are stored independently of the concrete user object. This way you can configure user credentials although the user has not been logged into the system, yet. This is true for other configurations of plugins like the path or branch write protection plugins, too. You can check this by deleting a user with special permissions in a repository. The permissions will stay, although the user was deleted.

The only permissions that will be deleted with the user itself are the ones configured directly in the settings for the user.

So as far as I understand your question, there is no need for migration (as long as the username stays the same).

Nonetheless I would advise to think about the usage of groups. The LDAP plugin of the SCM-Manager also reads the LDAP group memberships, so that this might be a more sustainable approach.

Rene Pfeuffer
  • 131
  • 1
  • 6