For one of my implementations, we had a JIRA instance with 300 odd users in JIRA Internal Directory. So, the JIRA Admin takes care of User Management, creates new user with username, adds them to respective groups, etc. Each of these users had different username formats. So there was no standard being followed.

Now, the objective was to move/migrate/fetch users from Active Directory. No more maintaining users inside Internal Directory, all user authentication will happen with Active Directory.

Following are the steps:

  1. Update usernames of all users in JIRA Internal Directory to sync with usernames in Active Directory. This is very important and pre-requisite before moving the users to AD.
  2. Create a list of users with respective JIRA internal groups. Each user would be multiple groups, example, jira-software-users, jira-administrators, jira-testers, jira-developers, jira-project-x-members, etc.
  3. Add the Active Directory Configuration from the Admin > User Directories page
  4. Bring this AD configuration at the TOP, in the order of User Directories.
  5. Click on Synchronize to sync the users from AD
  6. Once the synchronization is completed, check the users page to view all users from Active Directory
  7. Re-assign the respective groups to each user from step 2.
  8. That's it.

Note: Always test this on TEST environment. And always have backup of production before implementing/executing it on PRODUCTION.

Hope this helps you.