Hello!
For Azure AD authentication Im using this provider: https://github.com/davido/gerrit-oauth-provider
Im currently in proces of implementing Azure AD login to my different tools. As I'm using Gerrit I'm trying to also implement it there, but I found one issue which is stopping me. I have around 15 users in Gerrit which are using it daily, all of them have Azure AD account. When I login with users which did not have account before, new users is created, great!
But when I tried to login with user which exist I got this error:
Unable to authenticate user "com.google.gerrit.extensions.auth.oauth.OAuthUserInfo@3bdcd754" com.google.gerrit.server.account.AccountException: Email 'exa...@email.com' in use by another account
So I change that user email, but then complete new user is created. It is not liked as I though it will do. Probably there is some identity difference, as I see normaly user have some identity like name.surname and Azure AD have whole clientID number from Azure?
Do you know if there is a way to migrate user, or maybe manually swap their identity? I don't have much knowledge how to even change that identity cause Gerrit don't have any members UI...
Steps below if someone have same problem :)
Clone All-Users repo:
git clone "https://gerrit.example.com/a/All-Users"
Add rights to Admin group:
Go to All-Users folder which you clone and do some git magic:
Get new user ID via Rest API or user can tell you his ID and search it:
Edit file which you searched and changed accountId to the one you want to link with this externatId
Push changed to repo: