
How do I authenticate against my LDAP server anonymously?

splatteredbits April 8, 2016

Our Active Directory LDAP server allows anonymous connections, so I'd like Bamboo to connect anonymously. When I omit the securityPrincipal and securityCredential elements from the atlassian-user.xml file and use paddle to test my LDAP settings, I'm told:

> Username is missing from configuration, and anonymous authentication not configured

How do I configure anonymous authentication?

1 answer

1 vote
Chris April 8, 2016

Your Active Directory Domain Controllers should not be configured to allow anonymous binds. That's a massive security hole. The LDAP RFC specifications stipulate that LDAP binds should support credential exchange, so there is no need to ever allow anonymous binds in AD. I strongly advise you ensure your domain controllers have anonymous binds disabled and set up a limited, read-only account in AD that you can use to perform lookups with. Your bind account should be put into its own organizational unit, and not be a member of any groups except "Domain User", and have group policy applied to it that explicitly denies it permission to:

  1. Log in as a service.
  2. Log in via terminal services (RDP).
  3. Log in locally.
  4. Interact with the desktop.

Also, all of your LDAP settings go in atlassian-user-custom.xml, as LDAP/AD is a custom repository for Bamboo. 
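
The setup the answer above recommends, sketched as an added PowerShell example that is not part of the original thread or of Atlassian's documentation. It assumes the ActiveDirectory (RSAT) module and an account allowed to create objects; the OU name `LDAP Bind Accounts` and the account name `svc-bamboo-ldap` are placeholders chosen for illustration.

```powershell
# Added example: check for anonymous LDAP operations, then create a dedicated bind account.
Import-Module ActiveDirectory

$domain  = Get-ADDomain
$rootDse = Get-ADRootDSE

# 1. Anonymous LDAP operations are enabled forest-wide when the 7th character
#    of dSHeuristics on the Directory Service object is '2'.
$dsDn = "CN=Directory Service,CN=Windows NT,CN=Services,$($rootDse.configurationNamingContext)"
$heur = [string](Get-ADObject -Identity $dsDn -Properties dSHeuristics).dSHeuristics
if ($heur.Length -ge 7 -and $heur[6] -eq '2') {
    Write-Warning "dSHeuristics='$heur': anonymous LDAP operations are ENABLED."
} else {
    Write-Output "dSHeuristics='$heur': anonymous LDAP operations are not enabled."
}

# 2. Dedicated OU for the bind account (placeholder name).
$ouName = 'LDAP Bind Accounts'
$ouDn   = "OU=$ouName,$($domain.DistinguishedName)"
$ou = Get-ADOrganizationalUnit -Filter "Name -eq '$ouName'" `
        -SearchBase $domain.DistinguishedName -SearchScope OneLevel
if (-not $ou) {
    New-ADOrganizationalUnit -Name $ouName -Path $domain.DistinguishedName
}

# 3. The bind account itself (placeholder name). The password is prompted for,
#    so it never appears in the script or in shell history.
$sam = 'svc-bamboo-ldap'
New-ADUser -Name $sam -SamAccountName $sam -Path $ouDn `
    -AccountPassword (Read-Host -AsSecureString "Password for $sam") `
    -Enabled $true -CannotChangePassword $true `
    -Description 'Read-only LDAP bind account for Bamboo'

# 4. Verify group membership: only the default primary group should be listed.
Get-ADPrincipalGroupMembership -Identity $sam | Select-Object -ExpandProperty Name

# 5. The distinguished name to use as the bind identity.
(Get-ADUser -Identity $sam).DistinguishedName

# Not configured here: the logon denials listed in the answer are set in Group
# Policy under User Rights Assignment ("Deny log on as a service",
# "Deny log on through Remote Desktop Services", "Deny log on locally").
```

The distinguished name printed in step 5 and the password entered in step 3 are the values the securityPrincipal and securityCredential elements from the question would carry.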
