
Manually Synchronizing AD

Adi Alert March 23, 2018

For some reason I am not able to see my AD changes when I do a manual synchronise (the sync only takes a couple of seconds) on Bitbucket. But I do see those changes take effect after it is updated by the Auto Synchronisation Interval (default is set to 60 mins).

I have a new user added to a group in AD. I don't see that member in the Bitbucket group even after a manual sync.

Additional Details: 

Directory Type: Microsoft Active Directory

I have verified that the changes have been made on the AD hostname I configured, but they are not reflected in Bitbucket.

1 answer

0 votes
Mark A.
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 27, 2018

Hi Aditya,

I want to clarify a bit as you noted that on your automatic sync you see these changes and then note that for the new user added to a group, you do not see them in the Bitbucket group even after a manual sync. The last statement indicates that even automatic sync doesn’t work.

Clarification

As noted, the manual syncs do NOT pull in your changes. 

After making your AD changes for users and/or groups, does the automatic sync pull in your changes?

Is the user you have configured for this user directory an administrator in AD?

Cheers,

Mark

Adi Alert March 27, 2018

Hi Mark,

Thanks for the clarification.

Automatic sync is pulling my AD changes.

I thought I could see the AD change right away if I do a manual sync in Bitbucket.

"Is the user you have configured for this user directory an administrator in AD?"

No

Mark A.
March 28, 2018

Hello,

Regarding your AD, we note the following in our LDAP Documentation:

By default, all users can read the uSNChanged attribute; however, only administrators or users with relevant permissions can access the Deleted Objects container. The specific privileges required by the user to connect to LDAP are "Bind" and "Read" (user info, group info, group membership, update sequence number, deleted objects), which the user can obtain by being a member of the Active Directory's built-in administrators group.

Note that the incremental sync will fail silently if the Active Directory is accessed by a user without these privileges. This has been reported as CWD-3093.

I would like to get more detailed information and have you reproduce the issue. Due to the data that I need, I've created a support request, for which you should have received an email. This allows you to upload a support zip and detailed logging and have that information remain private.

Please check your emails for a link to the support case that I've opened.

-Mark
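
One way to check the privileges described in the documentation quoted above, as an added example that is not part of the original thread and not Atlassian's code: it uses OpenLDAP's `ldapsearch` to test, as the directory's bind account, whether `uSNChanged` and the Deleted Objects container are readable. The URI, DNs and password file are placeholders supplied by the caller, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example. Hostname, DNs and password file below are caller-supplied placeholders.

# AD keeps tombstones under "CN=Deleted Objects,<domain DN>".
deleted_objects_dn() {
    printf 'CN=Deleted Objects,%s\n' "$1"
}

# True when the LDIF text on stdin contains the named attribute (case-insensitive).
ldif_has_attr() {
    grep -qi "^$1:"
}

# One base-scope read as the bind account; extra arguments are passed to ldapsearch.
# usage: read_entry URI BIND_DN PW_FILE ENTRY_DN ATTR [ldapsearch options...]
# Note: -y uses the whole file as the password, so it must not end with a newline.
read_entry() {
    re_uri=$1 re_bind=$2 re_pw=$3 re_dn=$4 re_attr=$5
    shift 5
    ldapsearch -x -LLL -H "$re_uri" -D "$re_bind" -y "$re_pw" \
        -b "$re_dn" -s base "$@" '(objectClass=*)' "$re_attr" 2>/dev/null
}

# Report the two reads named in the quoted documentation. Returns 0 only if both work.
# usage: check_sync_reads URI BIND_DN PW_FILE DOMAIN_DN
check_sync_reads() {
    cs_rc=0
    if read_entry "$1" "$2" "$3" "$4" uSNChanged | ldif_has_attr uSNChanged; then
        echo "uSNChanged: readable"
    else
        echo "uSNChanged: NOT readable"; cs_rc=1
    fi
    # 1.2.840.113556.1.4.417 is AD's "show deleted objects" control; '!' marks it critical.
    if read_entry "$1" "$2" "$3" "$(deleted_objects_dn "$4")" distinguishedName \
        -E '!1.2.840.113556.1.4.417' | ldif_has_attr dn; then
        echo "Deleted Objects: readable"
    else
        echo "Deleted Objects: NOT readable"; cs_rc=1
    fi
    return "$cs_rc"
}

# Runs only when invoked with exactly: URI BIND_DN PW_FILE DOMAIN_DN
if [ "$#" -eq 4 ]; then
    check_sync_reads "$@"
fi
```

Run it from the Bitbucket host with the same bind DN the user directory is configured with, so the result reflects what the sync itself can read.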
