Can't log in to Bitbucket with recovery_admin user

shabbaranks May 30, 2016

We're using Bitbucket version 4.4.1 to manage git repositories in a local Windows server installation.  The server is also host to a JIRA installation, which used LDAP user authentication.  Both are being run as a Windows service.

I'm trying to get Bitbucket to use the JIRA user authentication and followed the instructions on the Connecting Bitbucket Server to JIRA for user management page, possibly incorrectly or incompletely.  After completing that process, we can no longer log in to Bitbucket or access our git repositories.

I tried to log in with the Bitbucket administrator account, but was informed of an invalid username or password.  The JIRA instance still works as expected.

I followed the Lockout recovery process instructions for Bitbucket, but get the same 'invalid username or password' error when attempting to log in with the 'recovery_admin' user and password (set in the `JVM_SUPPORT_RECOMMENDED_ARGS` environment variable in the `setenv.bat` file).

In step 3 of the Lockout recovery process, it says "Log in to Bitbucket Server": does this mean log in via the web user interface, or something else?

Where should I start looking for what is wrong?

Update 1

In the atlassian-jira-security.log file I've found the following:

 

/rest/usermanagement/1/group/membership login: 'Bitbucket' tried to login but they do not have USE permission or weren't found. Deleting remember me cookie.

 Do I need to create a 'Bitbucket' user in JIRA, in addition to the application in the JIRA User Server configuration?

Update 2

I've restored the back-end MySQL database from before I made the change to the user authentication and still cannot log in, either as the old admin, or using the 'recovery_admin' account.

1 answer

1 accepted

2 votes
Answer accepted
Jeff Thomas
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 31, 2016

Hi Simon,

Regarding the lockout procedure for Bitbucket Server, since you're running on Windows and as a service, we'll need to add the -Datlassian.recovery.password=temporarypassword flag to the service using the following steps:

  1. Open the command window from Start >> Run >> type in 'cmd' >> Enter
  2. cd to the bin directory of the Bitbucket installation directory
  3. Run tomcat8w //ES//AtlassianBitbucket
  4. Click on the Java tab to see the list of current start-up options
  5. Add -Datlassian.recovery.password=temporarypassword on it's own line under Java Options
  6. Restart the Bitbucket Server service

Let me know if that allows you to access Bitbucket Server as the recovery account. I'll work on getting our documentation updated right now.

After logging in using the recovery process, we can try to recreate the link to the JIRA user server. It may also be helpful to look at the atlassian-bitbucket.log to see any errors the are being thrown when users attempt to login.

shabbaranks June 1, 2016

Thanks very much Jeff, prompt, helpful and successful.  I've now got Bitbucket using JIRA User Server for authentication.  Plus, I've added a system administrator user to the internal directory, just in case the link to JIRA fails.  (I might change the directory order, so that it tries the internal one first.)

The only, very minor snag, was that the short name for the service in our application was not AtlassianBitbucket, so my first attempt to use the tomcat edit service command failed.  It might be useful, to anyone unfamiliar with tomcat command line commands, to add a note or tip to the documentation on how to find the short name for the service.

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events