Attlasian Crowd to LDAP authentication

[Mohan]

Currently our gerrit instance authentication part is configured with attlasian crowd, we are planning to change the authentication to LDAP, So in this case replacing the entries in "gerrit.config" file would be good enough? (Or) any specfic methods need to be followed.

Please advise. Thanks.

[Mohan]

Hello, 

Basically, i need to keep all the existing accounts, their profiles and their previous review comments etc.. 

So could someone give some advices about performing for this switch?

[Mk]

I have replaced the entries in "gerrit.config" file, but now when we tried to login into gerrit web it says "Cannot assign user name "ramesh.kr" to account 15; name already in use." and in gerrit error_Log it says "[2023-03-15 10:02:06,872] [HTTP-74] ERROR com.google.gerrit.server.account.AccountManager : Cannot assign user name "ramesh.kr" to account 15; name already in use"

Can i know mysql statement to replace from database side?

[Mk]

Currently in our database it is stored as below.

select * from account_external_ids where external_id like "%ramesh.kr%";
+------------+-------------------------+--------------------------------------------+------------------------------------------------------------+
| account_id | email_address           | password                                   | external_id                                                |
+------------+-------------------------+--------------------------------------------+------------------------------------------------------------+
|          4 | rame...@company.com   | NULL                                       | http://162.115.285.145/openidserver/users/ramesh.kr        |
|          4 | NULL                    | 9yite4Wi4w+23zCBS8cZKLlaDVPmeWkKxctsGdg7+w | username:ramesh.kr                                         |
+------------+-------------------------+--------------------------------------------+------------------------------------------------------------+

Need help to replace them to use LDAP .

[Matthias Sohn]

On Wed, Mar 15, 2023 at 11:33 AM Mk <moha...@gmail.com> wrote:

Currently in our database it is stored as below.

select * from account_external_ids where external_id like "%ramesh.kr%";
+------------+-------------------------+--------------------------------------------+------------------------------------------------------------+
| account_id | email_address           | password                                   | external_id                                                |
+------------+-------------------------+--------------------------------------------+------------------------------------------------------------+
|          4 | rame...@company.com   | NULL                                       | http://162.115.285.145/openidserver/users/ramesh.kr        |
|          4 | NULL                    | 9yite4Wi4w+23zCBS8cZKLlaDVPmeWkKxctsGdg7+w | username:ramesh.kr                                         |
+------------+-------------------------+--------------------------------------------+------------------------------------------------------------+

Need help to replace them to use LDAP .

Please avoid top posting on this list, use interleaved posting instead.

See https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

Looks like you are still on some old 2.x release ?

You should consider upgrading to a supported release (3.5 or higher).

See https://www.gerritcodereview.com/support.html and https://endoflife.date/gerrit

AFAIR there are some uniqueness constraints on externalIds.

Though I don't remember how this was implemented in 2.x

and I have no time to dig this up for a release which is EOL.

-Matthias

 

On Wednesday, March 15, 2023 at 3:42:45 PM UTC+5:30 Mk wrote:

I have replaced the entries in "gerrit.config" file, but now when we tried to login into gerrit web it says "Cannot assign user name "ramesh.kr" to account 15; name already in use." and in gerrit error_Log it says "[2023-03-15 10:02:06,872] [HTTP-74] ERROR com.google.gerrit.server.account.AccountManager : Cannot assign user name "ramesh.kr" to account 15; name already in use"

Can i know mysql statement to replace from database side?

On Friday, March 10, 2023 at 9:20:51 PM UTC+5:30 Mohan wrote:

Hello, 

Basically, i need to keep all the existing accounts, their profiles and their previous review comments etc.. 

So could someone give some advices about performing for this switch?

On Wed, 8 Mar 2023, 9:26 pm Mohan, <moha...@gmail.com> wrote:

Currently our gerrit instance authentication part is configured with attlasian crowd, we are planning to change the authentication to LDAP, So in this case replacing the entries in "gerrit.config" file would be good enough? (Or) any specfic methods need to be followed.

Please advise. Thanks.

--
--
To unsubscribe, email repo-discuss...@googlegroups.com
More info at http://groups.google.com/group/repo-discuss?hl=en

---
You received this message because you are subscribed to the Google Groups "Repo and Gerrit Discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to repo-discuss...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/repo-discuss/eac23f50-55c5-4937-a52b-248559de1671n%40googlegroups.com.

[Mohan]

Thanks for your response. Currently we are on 2 .13.7 release and soon we will plan to upgrade it to supported version - 3.5 or higher.

I'm referring the "

https://groups.google.com/g/repo-discuss/c/VMpG0k119AY" workaround, but unfortunately not clear with the mysql statements. Example with my use case would be helpful.