Best way to lock down Jira for maintenance

Deleted user June 1, 2012

I need to do some some maintenance on our Jira instance and don't want folks using it while I'm doing this. The main reason is that I'm going to be mucking with a bunch of persmissions and if all hell breaks loose, I'd like to revert the VM instance like nothing every happend. What's the best way to lock users out while I'm doing this? Thanks!

4 answers

1 vote
Neal Applebaum
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
June 4, 2012

I use a much less heavy handed approach, and requires no back end magic. Keep in mind I'm on 3.13 so I am not sure this still works.

In Global Settings, find Global Permissions.

You will see permissions such as this:

  1. JIRA System Administrators
    Ability to perform all administration functions. There must be at least one group with this permission.
    Note: People with this permission can always log in to JIRA.
  2. JIRA Administrators
    Ability to perform most administration functions (excluding Import & Export, SMTP Configuration, etc.).
    Note: People with this permission can always log in to JIRA.
  3. JIRA Users
    Ability to login to JIRA. They are a 'user'. Any new users created will automatically join these groups.
    Note: All users need this permission to login to JIRA, even if they have other permissions.

Simply make sure (as a failsafe) that in addition to the "jira-users" group that is likely already there, that an admin group that only you belong to is also there. Then, just remove the "jira-users" group from the JIRA Users permission. Voila, no-one will be able to log in unless they also are a member of an admin group only you belong to. When you're done, add the "jira-users" group back in.

What's really nice about this approach is (as I recall), the banner indicating the system is down can be displayed so when they fail to log in they know why.

Of course, I don't know how this works with LDAP.

Norman Abramovitz
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
June 4, 2012

I will have to try this out on my test system in the near future.

Daniel Parker February 15, 2017

Users that are already logged in will remain logged in with this approach. We have to physically restart the instance after deleting the jira-users group from the permissions settings screen to guarantee all users are kicked out. Once the changes have been completed, add the jira-users group back and you're good to go, no restart required.

1 vote
Jobin Kuruvilla [Adaptavist]
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
June 1, 2012

Shut everyone off by changing the url ;) If you use Apache or IIS, turn it off. If you connect to direct url, change the port! Then you only knows the correct url and will be able to access it.

Luiz Felipe December 26, 2014

Boa!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

0 votes
Deleted user June 1, 2012

Ha! Didn't even think of that -- changing the port number. Good call guys, thanks!

0 votes
Norman Abramovitz
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
June 1, 2012

To backup Jobin's answer, I would follow one of the directions which meets your needs under how to do a consistent full backup.

https://confluence.atlassian.com/display/JIRA/Preventing+users+from+accessing+JIRA+during+backups

Deleted user June 1, 2012

Ha! Didn't even think of that -- changing the port number. Good call guys, thanks!

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events