Our Active Directory LDAP server allows anonymous connections so I'd like Bamboo to connect anonymously. When I omit the securityPrincipal
and securityCredential
elements from atlassian-user.xml file and use paddle to test my LDAP settings, I'm told:
> Username is missing from configuration, and anonymous authentication not configured
How do I configure anonymous authentication?
Your Active Directory Domain Controllers should not be configured to allow anonymous binds. That's a massive security hole. The LDAP RFC specifications stipulate that LDAP binds should support credential exchange so there is no need to ever allow anonymous binds in AD. I strongly advise you ensure your domain controllers have anonymous binds disabled and set up a limited, read only account in AD that you can use to perform lookups with. Your bind account should be put into its own organizational unit, and not be a member of any groups except "Domain User", and have group policy applied to it that explicitly denies it permission to:
Also, all of your LDAP settings go in atlassian-user-custom.xml, as LDAP/AD is a custom repository for Bamboo.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.