Our Active Directory LDAP server allows anonymous connections so I'd like Bamboo to connect anonymously. When I omit the
securityCredential elements from atlassian-user.xml file and use paddle to test my LDAP settings, I'm told:
> Username is missing from configuration, and anonymous authentication not configured
How do I configure anonymous authentication?
Your Active Directory Domain Controllers should not be configured to allow anonymous binds. That's a massive security hole. The LDAP RFC specifications stipulate that LDAP binds should support credential exchange so there is no need to ever allow anonymous binds in AD. I strongly advise you ensure your domain controllers have anonymous binds disabled and set up a limited, read only account in AD that you can use to perform lookups with. Your bind account should be put into its own organizational unit, and not be a member of any groups except "Domain User", and have group policy applied to it that explicitly denies it permission to:
Also, all of your LDAP settings go in atlassian-user-custom.xml, as LDAP/AD is a custom repository for Bamboo.
I'm John Allspaw, co-founder of Adaptive Capacity Labs, where we help teams use their incidents to learn and improve. We bring research-driven methods and approaches to drive effective inciden...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs