Restore Passwords To Recover Admin User Rights
As an administrator, you may find yourself locked out of Jira because:
- You've imported a site from Cloud, and it does not contain a system administrator account.
- You've forgotten the password to the administrator account, and don't have access to the email address associated with it.
- You're using an external directory or Jira for user management, have disabled the built in user management, and your external directory is not currently available.
- You need to make a change to the configuration of an external user directory in Jira while that directory is not available.
In any of these situations you can use recovery mode to restore administrator access to Jira.
Using JIRA 6.4 or earlier? You'll need to use the database method to recover your admin user rights. See the earlier documentation.
Use recovery mode to restore access
Recovery mode works by creating a virtual user directory with a temporary admin account. You set the password for this admin account when applying the system property. Users can continue to log in and access Jira while it is in recovery mode.
To recover administrator user rights:
- Stop a Jira node
Add the following parameter to each available node according to the steps from the Setting properties and options on startup KB article, based on the method that's being used to start Jira:
This is generally applied in the setenv.sh or setenv.bat file (depending on your operating system type) in the <jira_install>/bin directory. Note: The < and > symbol in the command above is used as placeholder. Please replace <your-password> with the password of your choice.
- Start your Jira node. You may need to start them manually with the start-jira.sh or start-jira.bin scripts in the <jira_install>/bin directory.
- You can also enable recover mode this for every node as needed.
- Access the node and Log in to Jira with the username recovery_admin and the temporary password you specified in the system property.
- NOTE: In case you get "Invalid username or password" check the syntax from step 2, for example no space between two parameters or missing quotes.
- NOTE: When you have CROWD SSO enabled it may be needed to temporary disable this to login with recovery_admin.
- NOTE: You will be presented with the Welcome screen to create or import new projects. This is not indicating an empty instance.
- Reset the password for your existing admin account, or create a new account and add it to the appropriate administrator group.
- Confirm that you can successfully log in with your new account.
- Stop your Jira node
- Remove the -Datlassian.recovery.password parameter from each available node
- Start your Jira again normally
Good to know:
- Remove the system property as soon as you have restored admin access.
- Don't leave Jira in recovery mode, or use the recovery_admin account as a regular administrator account.
- Your temporary password should be a unique. Don't use an existing password or the one you intend to use for your admin account.
- Be sure to confirm there are active users with the Jira System Administrators global permission, or else you won't be able to manage some system features in Jira.