1. Installed Bitbucket trial version for enterprise admin as admin user id.
2. Followed the instruction provided in the following link to configure delegation:
Inputs provided by running ldp.exe on the system:
Hostname: dnsHostName from LDP
UserName: Company domain ID used for logging into my system
BASE DN: serviceName from LDP
Checked Copy Users on Login
Test connection successful.
3. Logged out and logged back in using my company ID.
Throws an error: Invalid user name or password.
Not sure what I am doing wrong. Looks like I am missing something.
Hi @Tech User 29,
Welcome to the Atlassian Community.
Did you add your AD account as a member of the bitbucket-user group after you did the initial sync with your new user directory?
Thanks Mikael for the reply.
Yes, the user is part of the stash-users group that has the Bitbucket User checkbox selected in global permissions. I thought the user should get created automatically if I select the create users on logon option and provide stash-users as the default group, but it didn't work. I then created the user manually and added it to the stash-users group. Every time it throws the same error: Invalid username or password.
Checked the logs: No info except audit log has authentication error: AuthenticationFailureEvent | AD user name | 1576186223814
Does the user name input (the distinguished name of user that app will use when connecting to directory server) need any additional privileges? Currently I have set it to my AD user name.
The user that is being used to connect to the AD in the user directory just needs read access.
Did the user exist in the Bitbucket internal directory before you added the delegated directory? Which directory is first in your list, the internal or the delegated one?
I have not used the delegated option for a user directory, I use AD directories with local groups instead, that way if a user gets updated in the AD it will be reflected in Bitbucket on the next sync.
As a test, try and add a new directory that is using AD instead of delegated. Once you have that set up, you can use Test to verify that Bitbucket can communicate with your AD correctly and get the user. The directory does not have to be enabled in order to use the Test.
If the test is successful you should see something like this: