Are the scripts you're referring to available somewhere?

Groovy script for ScriptRunner that creates users:

import com.atlassian.jira.component.ComponentAccessor
import com.atlassian.jira.event.user.UserEventType
import com.atlassian.jira.exception.CreateException
import com.atlassian.jira.user.ApplicationUser
import com.atlassian.jira.user.UserDetails

def uu = ComponentAccessor.userUtil


// START config
def directoryId = 1L
def password = "dummy-password-for-all-users"
def usernamesWithMail = [ // "username": "mail-address"
 "john.doe" : "john.doe@example.com",
 "max.mustermann": "mm@example.com"
]
// END config


// START code
def successCount = 0
def failCount = 0
log.warn("creating ${usernamesWithMail.size()} users...")
usernamesWithMail.each { username, mail ->
 try {
 def userDetails = new UserDetails(username, username)
 .withDirectory(directoryId)
 .withPassword(password)
 .withEmail(mail)
 def user = uu.createUser(userDetails, false, UserEventType.USER_CREATED, [] as Set)
 successCount++
 log.warn("created user $user.name with mail $user.emailAddress")
 } catch (CreateException e) {
 log.warn("could not create user $username with mail $mail: $e.message")
 failCount++
 } catch (e) {
 log.error("error creating user $username with mail $mail", e)
 failCount++
 }
}

def res = "created $successCount users, $failCount failed"
log.warn("$res")
"$res. see Logs tab"

How can i move users from LDAP directory to Jira internal directory?

"We have a document on this topic" - Yes you have. But it doesn't work.

"This functionality allows for the following scenarios:

• Migrate all users from JIRA Internal to Delegated LDAP" - That's exactly what I want to do.

"

• Choose Additional Configuration & Troubleshooting (section) > Migrate users from one directory to another.
• This option will not appear if there are no valid directories to migrate from/to." - Well, this option DOES NOT appear although my scenario is previously mentioned to be valid. So your document is not complete. And yes, my LDAP directory is read/write.

Hi @Fabian Graevenitz 

There is no Read/Write option listed within a delegated LDAP directory, but there is for other non-delegated LDAP directories.  I suspect that you have setup Jira to use that LDAP directory in this non-delegated method, which in turn would make it invalid to migrate users to or from.

Please see this screenshot for more information:

In my example it defaulted to the 'delegated ldap auth' name, but the type also shows just OpenLDAP, not the OpenLDAP Read or Read/Write that happens in non-delegated user directories.  You can see how that is different than the screenshot in https://confluence.atlassian.com/adminjiraserver/configuring-user-directories-938847049.html which shows it as a directory type of 'OpenLDAP (Read-Write)'.

You will probably need to add this LDAP directory to Jira once more, but this time choose the option called 'Internal with LDAP Authentication'.

This should then let you migrate those users between directories.

Andy

@Andy HeinzerThank you for the appendix.

As you suspected I had an ordinary LDAP Server configured. Creating the delegated one worked partially. I than could migrate the users from Jira's point of view but I couldn't see those created users in my LDAP directory. Furthermore the group memberships were lost in that process. We are using Jira Server 8.5.5

I already had moved most of the users manually and there were only 3 of them left. So I decided to move them manually too instead of trying to figure out why automatic migration doesn't work properly.

Positive: Jira noticed these new users by name as documented and our users weren't be affected by that administrative change.