How to Retrieve LDAP Bind Password for Confluence User Management Directories from the Database
Platform notice: Server and Data Center only. This article only applies to Atlassian products on the Server and Data Center platforms.
Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Summary
If you find yourself in a situation where you have forgotten your LDAP settings password, you can retrieve this information directly from the Confluence database. By accessing the cwd_directory_attribute table in the database, you can view the attributes associated with each LDAP directory, including the ldap.password attribute used for authenticating Atlassian Confluence with the LDAP directory.
Environment
Confluence Server and DC
Solution
SELECT d.directory_name AS directory, u.attribute_value AS username, a.attribute_value AS password
FROM cwd_directory d
JOIN cwd_directory_attribute u ON u.directory_id = d.id AND u.attribute_name = 'ldap.userdn'
JOIN cwd_directory_attribute a ON a.directory_id = d.id AND a.attribute_name = 'ldap.password';This query retrieves the directory name, and LDAP binds username and password for all directories stored in the cwd_directory table. Note that this query has been tested in PostgreSQL. Please adjust the syntax if needed to fit your database.
Note:
Please note that the LDAP bind password is stored in plaintext format in the Confluence database. If you are concerned about security and wish to have the password encrypted, you can vote for the following enhancement request: