How to anonymize users from LDAP

Related content

  • No related content found

Still need help?

The Atlassian Community is here for you.

Ask the community


Platform notice: Server and Data Center only. This article only applies to Atlassian products on the Server and Data Center platforms.

Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Problem

When using external LDAP, such as Active Directory, users cannot be anonymized directly as they are managed externally.

Resolution

As external users, they need to be modified externally, so, to have the user anonymized, the first action is to move the user out from the search string performed by Jira or delete it. When this action is performed, though, the user can be deleted from Jira or left inactive (this last happen when the user is requestor, assignee or left comments in issues).

In this last scenario, now with the user inactive, we can perform the anonymization as the regular procedure.

Example

The user "myuser" was created in LDAP, synchronized with Jira, some issues were assigned to it and we followed the above procedure to anonymized it.

  1. User was created and sync'ed
  2. Anonymization failed as expected
  3. After removing the user in LDAP, as it is assignee of some issues, it was left inactive

  4. Now the anonymization can be performed
  5. And the entries will no longer indicate the previous user

Anonymize user via REST API

Users can also be anonymised via Rest API and we need userKey as request parameter.

The userKey can be found from the app_user table, by below query

select * from app_user where lower_user_name like '%testuser%';

Request

<BASE_URL>/rest/api/2/user/anonymization?userKey=JIRAUSER10100&expand=affectedEntities

Response

{
    "errors": {},
    "warnings": {},
    "expand": "affectedEntities",
    "userKey": "JIRAUSER10100",
    "userName": "testuser",
    "displayName": "testuser",
    "deleted": false,
    "email": "testuser@xyz.com",
    "success": true,
    "affectedEntities": {
        "ANONYMIZE": [
            {
                "type": "ANONYMIZE",
                "description": "Full name in issue history"
            },
            {
                "type": "ANONYMIZE",
                "description": "User Profile",
                "numberOfOccurrences": 1,
                "uriDisplayName": "User Profile",
                "uri": "<BASE_URL>/secure/ViewProfile.jspa?name=testuser"
            },
            {
                "type": "ANONYMIZE",
                "description": "Permission",
                "numberOfOccurrences": 0
            },
            {
                "type": "ANONYMIZE",
                "description": "Scenario Person",
                "numberOfOccurrences": 0
            },
            {
                "type": "ANONYMIZE",
                "description": "Scenario Issue",
                "numberOfOccurrences": 0
            },
            {
                "type": "ANONYMIZE",
                "description": "Scenario Ability",
                "numberOfOccurrences": 0
            },
            {
                "type": "ANONYMIZE",
                "description": "Scenario Stage",
                "numberOfOccurrences": 0
            },
            {
                "type": "ANONYMIZE",
                "description": "Scenario Resource",
                "numberOfOccurrences": 0
            },
            {
                "type": "ANONYMIZE",
                "description": "Scenario Team",
                "numberOfOccurrences": 0
            },
            {
                "type": "ANONYMIZE",
                "description": "Saved View",
                "numberOfOccurrences": 0
            },
            {
                "type": "ANONYMIZE",
                "description": "Program",
                "numberOfOccurrences": 0
            },
            {
                "type": "ANONYMIZE",
                "description": "Scenario Skill",
                "numberOfOccurrences": 0
            },
            {
                "type": "ANONYMIZE",
                "description": "Scenario Team",
                "numberOfOccurrences": 0
            },
            {
                "type": "ANONYMIZE",
                "description": "Plan User Property",
                "numberOfOccurrences": 0
            },
            {
                "type": "ANONYMIZE",
                "description": "Scenario Version",
                "numberOfOccurrences": 0
            },
            {
                "type": "ANONYMIZE",
                "description": "Plan",
                "numberOfOccurrences": 0
            },
            {
                "type": "ANONYMIZE",
                "description": "Person",
                "numberOfOccurrences": 0
            }
        ],
        "TRANSFER_OWNERSHIP": [
            {
                "type": "TRANSFER_OWNERSHIP",
                "description": "Permission",
                "numberOfOccurrences": 0
            },
            {
                "type": "TRANSFER_OWNERSHIP",
                "description": "Plan",
                "numberOfOccurrences": 0
            },
            {
                "type": "TRANSFER_OWNERSHIP",
                "description": "Program",
                "numberOfOccurrences": 0
            },
            {
                "type": "TRANSFER_OWNERSHIP",
                "description": "Person",
                "numberOfOccurrences": 0
            }
        ]
    },
    "operations": [
        "USER_NAME_CHANGE",
        "USER_DISABLE",
        "USER_TRANSFER_OWNERSHIP_PLUGIN_POINTS",
        "USER_NAME_CHANGE_PLUGIN_POINTS",
        "USER_ANONYMIZE_PLUGIN_POINTS",
        "USER_EXTERNAL_ID_CHANGE"
    ],
    "businessLogicValidationFailed": false
}

Read more:


Same applies to comment. Only users that left comments in issues are kept as inactive.

Last modified on Mar 12, 2024

Was this helpful?

Yes
No
Provide feedback about this article

Related content

  • No related content found
Powered by Confluence and Scroll Viewport.