Certain users can't interface with stash from their PCs

Hi,

We run Stash which is connnected to the company active directory. We have noticed with two users now that suddenly their PCs are unable to interact with stash at all (can't pull, push, clone). We do not use putty or any ssh keys. However both users do have putty installed. I have eliminated certain things:

  • They can clone from elsewhere (also push and pull). They can interact with git repositories that require no authentication (github, other repositories on the local network)
  • On another PC that user can access the stash server and interact.

These two things suggest that there is nothing wrong with the user profile on stash (permissions etc are fine)

What I have summised from this is that the user has something in their profile (windows profile) that is causing the problem. We deleted one of these users entire profile and reconstituted it and this resolved the issue. This is obviously not an ideal solution.

My question is what do I need to delete from the users profile to make sure that they can authenticate with stash properly. A normal user gets prompted for their password when interacting with stash but these users do not get this request. 

I have searched for an answer for ages but can't seem to find someone with a similar problem.

 

Any help would be appreciated.

Haemish

6 answers

0 vote

You do not use SSH keys, so that implies all push/pull etc is over https?

That is correct yes. Under normal conditions we clone using a url like so: http://EZHAEM@ezstash.opmain.ds.corp/scm/latex/doctemplate.git it then requests a password (which is our windows active directory password) and once we put it in we are away. With the users experiencing this problem the password is never asked for!

0 vote

I don't have much, but I would advise setting: set GIT_CURL_VERBOSE=1 then running the git command. You can post the output up here. Also compare it the output from one of the working users/machines.

Thanks for your feedback. I have captured the logs below. The broken computer is first. It seems to find the server but then timesout because of a lack of response. Any thoughts. Thanks for your help so far. *********************************************The broken computer's log is********************************************* $ git pull * Couldn't find host ezstash.opmain.ds.corp in the _netrc file; using defaults * Trying 10.93.250.10... * Connected to zapryproxy01.opmain.ds.corp (10.93.250.10) port 3128 (#0) * Proxy auth using Basic with user 'ezwest' > GET http://ezhaem@ezstash.opmain.ds.corp/scm/latex/doctemplate.git/info/refs?s ervice=git-upload-pack HTTP/1.1 Proxy-Authorization: Basic ZXp3ZXN0OkhvcGUyMDE1 User-Agent: git/1.9.5.msysgit.1 Host: ezstash.opmain.ds.corp Accept: */* Accept-Encoding: gzip Proxy-Connection: Keep-Alive Pragma: no-cache < HTTP/1.1 504 Gateway Timeout < Mime-Version: 1.0 < Date: Tue, 23 Jun 2015 14:15:51 GMT < Via: 1.1 ZAPRYPROXY01.opmain.ds.corp:3128 (Cisco-WSA/8.5.2-027) < Content-Type: text/html < Connection: keep-alive < Proxy-Connection: keep-alive < Content-Length: 2715 < * Connection #0 to host zapryproxy01.opmain.ds.corp left intact fatal: unable to access 'http://ezhaem@ezstash.opmain.ds.corp/scm/latex/doctempl ate.git/': The requested URL returned error: 504 ************************************************The working computer's log is***************************************** $ git pull * Couldn't find host ezstash.opmain.ds.corp in the _netrc file; using defaults * Adding handle: conn: 0x227efd0 * Adding handle: send: 0 * Adding handle: recv: 0 * Curl_addHandleToPipeline: length: 1 * - Conn 0 (0x227efd0) send_pipe: 1, recv_pipe: 0 * About to connect() to ezstash.opmain.ds.corp port 80 (#0) * Trying 10.93.228.21... * Connected to ezstash.opmain.ds.corp (10.93.228.21) port 80 (#0) > GET /scm/latex/doctemplate.git/info/refs?service=git-upload-pack HTTP/1.1 User-Agent: git/1.9.5.msysgit.0 Host: ezstash.opmain.ds.corp Accept: */* Accept-Encoding: gzip Pragma: no-cache < HTTP/1.1 401 Unauthorized * Server Apache-Coyote/1.1 is not blacklisted < Server: Apache-Coyote/1.1 < X-AREQUESTID: @1OE7SHYx978x72322x0 < X-ASEN: SEN-3068575 < X-XSS-Protection: 1; mode=block < X-Frame-Options: SAMEORIGIN < X-Content-Type-Options: nosniff < WWW-Authenticate: Basic realm="Atlassian Stash" < Content-Length: 0 < Date: Tue, 23 Jun 2015 14:18:58 GMT < * Connection #0 to host ezstash.opmain.ds.corp left intact * Issue another request to this URL: 'http://EZWEST@ezstash.opmain.ds.corp/scm/l atex/doctemplate.git/info/refs?service=git-upload-pack' * Couldn't find host ezstash.opmain.ds.corp in the _netrc file; using defaults * Found bundle for host ezstash.opmain.ds.corp: 0x2261b88 * Re-using existing connection! (#0) with host ezstash.opmain.ds.corp * Connected to ezstash.opmain.ds.corp (10.93.228.21) port 80 (#0) * Adding handle: conn: 0x227efd0 * Adding handle: send: 0 * Adding handle: recv: 0 * Curl_addHandleToPipeline: length: 1 * - Conn 0 (0x227efd0) send_pipe: 1, recv_pipe: 0 * Server auth using Basic with user 'EZWEST' > GET /scm/latex/doctemplate.git/info/refs?service=git-upload-pack HTTP/1.1 Authorization: Basic RVpXRVNUOg== User-Agent: git/1.9.5.msysgit.0 Host: ezstash.opmain.ds.corp Accept: */* Accept-Encoding: gzip Pragma: no-cache < HTTP/1.1 401 Unauthorized * Server Apache-Coyote/1.1 is not blacklisted < Server: Apache-Coyote/1.1 < X-AREQUESTID: @1OE7SHYx978x72323x0 < X-ASEN: SEN-3068575 < Set-Cookie: _atl_stash_remember_me=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ * Authentication problem. Ignoring this. < WWW-Authenticate: Basic realm="Atlassian Stash" < Content-Length: 0 < Date: Tue, 23 Jun 2015 14:18:58 GMT < * Connection #0 to host ezstash.opmain.ds.corp left intact Password for 'http://EZWEST@ezstash.opmain.ds.corp';: * Couldn't find host ezstash.opmain.ds.corp in the _netrc file; using defaults * Found bundle for host ezstash.opmain.ds.corp: 0x2261b88 * Re-using existing connection! (#0) with host ezstash.opmain.ds.corp * Connected to ezstash.opmain.ds.corp (10.93.228.21) port 80 (#0) * Adding handle: conn: 0x227efd0 * Adding handle: send: 0 * Adding handle: recv: 0 * Curl_addHandleToPipeline: length: 1 * - Conn 0 (0x227efd0) send_pipe: 1, recv_pipe: 0 * Server auth using Basic with user 'EZWEST' > GET /scm/latex/doctemplate.git/info/refs?service=git-upload-pack HTTP/1.1 Authorization: Basic RVpXRVNUOkNhc3MyMDIz User-Agent: git/1.9.5.msysgit.0 Host: ezstash.opmain.ds.corp Accept: */* Accept-Encoding: gzip Pragma: no-cache < HTTP/1.1 401 Unauthorized * Server Apache-Coyote/1.1 is not blacklisted < Server: Apache-Coyote/1.1 < X-AREQUESTID: @1OE7SHYx979x72324x0 < X-ASEN: SEN-3068575 < Set-Cookie: _atl_stash_remember_me=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ * Authentication problem. Ignoring this. < WWW-Authenticate: Basic realm="Atlassian Stash" < Content-Length: 0 < Date: Tue, 23 Jun 2015 14:19:06 GMT < * Connection #0 to host ezstash.opmain.ds.corp left intact fatal: Authentication failed for 'http://EZWEST@ezstash.opmain.ds.corp/scm/latex /doctemplate.git/'

0 vote
Jeff Thomas Atlassian Team Jun 23, 2015

The timeout error is coming from the Cisco Web Security Appliance. Do these users sit on a difference network or connect through a proxy to get to the server? If they have a local VPN running, have them turn it off and try again.

Version 1.9.5.msysgit.1 is broken, it doesn't send Realm in the authorization header. Use 1.9.5.msysgit.0.

Suggest an answer

Log in or Sign up to answer
How to earn badges on the Atlassian Community

How to earn badges on the Atlassian Community

Badges are a great way to show off community activity, whether you’re a newbie or a Champion.

Learn more
Community showcase
Posted Jun 06, 2018 in Bitbucket

Do you use Bitbucket Cloud and Jira Cloud? If so, let us know!

Hi Community, I'm Julia and I'm on the Jira Software Cloud marketing team!  We're looking for companies or teams using Bitbucket Cloud and Jira Software Cloud. If your team fits the t...

151 views 6 3
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you