We use AD to authenticate to Confluence. Lately we've had some users unable to log in to Confluence for reasons unknown, though the password works for other AD-authenticated applications, including their workstations. Some have tried using Confluence Password Reset feature, but doing so invariably ends with a "network error occurred" error. My question is, is the password reset feature even useful in this scenario? If the reset form is unable to write changes in AD, then it's not going to work, right?Second question: if the affected user knows his/her AD password is correct, how then do they log in again to Confluence if AD is the authenticator of record?

Community
Q&A
Confluence
Questions
We use AD for authentication. Is the Confluence password reset feature simply not going to be effective in this configuration?

Anonymous user can create/delete pages

Hello - I am using a Confluence space as a knowledge base for users of my app. We are just about ready to launch this and I now notice that an anonymous user can create and delete pages.

But I have these permissions turned off. See below screenshot.

Am I missing something? Screen Shot 2020-01-02 at 2.34.41 PM.png

1 answer

1 accepted

1 vote

Answer accepted

The password reset feature should work, as long as you have the AD setup to read/write changes back to AD. If you don't want that to happen, you can change it to read only and groups, and turn the external management on. Also, I would check to see that the syncs are going through successfully.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Thank you for your reply, Mr. Jackson. We do have the user directories set up as: 1) LDAP Server - Microsoft Active Directory (read only with local groups); and 2) Confluence Internal Directory (Internal) in that order. Synchronizing does appear to be happening, and I'm able to manually synchronize the LDAP connection. Would you mind elaborating on turning external management on? I'm not familiar with that option. I should add that our network team is unlikely to allow read/write back to AD from Confluence. Thanks again.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Not sure what version of confluence you are on, but it should be the same steps.

Go to general configuration
Security Configuration
Click edit and check the External user management box.

That will remove the forgot password link from the confluence login page

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Many thanks for your replies and recommendations.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Forums

Q&A

Community resources

Support

Top groups

Community resources

Support

Learn

Community resources

Support

Events

Community resources

Support

Anonymous user can create/delete pages

1 answer

1 accepted

Suggest an answer

Was this helpful?

Thanks!

TAGS

Atlassian Community Events