Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Bamboo failing to bind to Active Directory (LDAP) Server

Rob Griffiths
Rob Griffiths September 13, 2017

I'm attempting to configure Bamboo to talk to our active directory server following the instructions at https://confluence.atlassian.com/bamboo/integrating-bamboo-with-ldap-289277210.html - I've ended up with an xml file that looks quite similar to https://confluence.atlassian.com/dev/files/164870/8203/3/1214540227491/atlassian-user.xml

Whenever I try and load this config, though, it looks as though Bamboo is not attempting to authenticate and bind before it executes queries against AD. Whenever I switch i get a stack track with the "must bind before executing query" error. 

I've validated several options as below to try and narrow down the problem:

Incorrect hostname: Failed to lookup host error (Good)

Incorrect port: Failed to connect error (Good)

Incorrect username: Failed to bind error (so it is even trying? - I'd expect an "invalid credential" error)

Incorrect password: Failed to bind error (so it is even trying? - I'd expect an "invalid credential" error)

Has anyone seen this before and know why its happening? I'm hoping its just a missing setting. Please be aware that this is a customer project and as such I'm unlikely to be able to post logs directly. Thanks in advance for any help!

Answer
Watch
Like Be the first to like this
619 views

1 answer

0 votes
Joseph Allen
Joseph Allen September 13, 2017

Verify you have the correct username/password to connect to the AD server. I believe the "bind" refers to authenticating to AD and establishing a connection.

I had the issue with my crowd server and I had to fully qualify the username something like this...

CN=BAMBOO_AD_USER,OU=Domain1,OU=SubDomain1,DC=company,DC=com

If you don't know the fully qualified name, download AD Explorer (Free tool from microsoft) connect to your AD server and search for your user and it should tell you.

View More Comments
Rob Griffiths
Rob Griffiths September 13, 2017

Thanks for the reply!

I've tried with both the fully qualified name and the abbreviated "user@domain" style names and neither works - both of these can query AD succesfully through ldapsearch on a Linux command line.

When I deliberately get the password or username wrong through a direct LDAP lookup, it comes up with an "Invalid Credentials (49)" error as opposed to the error Bamboo is throwing:

"LDAP: error code 1 - 000004DC: LdapErr: DSID-0C090752, comment: In order to perform this operation a succesful bind must be completed on the connection"

Which is seems to throw whether the user and password is right or wrong.

Like
Rob Griffiths
Rob Griffiths September 14, 2017

Thanks again - I've double checked by pulling the user CN from AD directly and pasting into the xml file - and the password has been reset to something simple and double checked. Unfortunately (as it would be the simplest answer!) both look completely correct, but still getting the bind error.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Bamboo
Bamboo
TAGS
AUG Leaders

Atlassian Community Events

    See all events