Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Groups
Explore all groups
Community resources

LDAP Membership information not being retrieved

Charlie Barker
Charlie Barker Oct 19, 2011

We are using Confluence Version 4.0 on Windows Server 2008 R2 6.1

User Directories Config
=================
Confluence Internal Directory Internal
Upgraded atlassian-user LDAP (ldapRepository) Microsoft Active Directory (Read Only, with Local Groups)

We see AD users and Groups but membership information is not displayed. In a space we can grant permissions to an AD group but members of that group cannot access the space.

If anyone has an idea on how we could resolve this I would be eternally grateful.

Answer
Watch
Like Be the first to like this

4 answers

1 accepted

0 votes
Accepted answer
Charlie Barker
Charlie Barker Nov 15, 2011

This was caused by the the user information being authenticated by the wrong database. In Jira, we use three databases at the moment. There is the internal database, LDAP authentication database for our London users and Active directory authentication for our SA users. So, to resolve this, we deleted the affected users which at the time were pointing to either the internal database or LDAP London database and their account were automatically synced into wiki and jira, pointing to the right LDAP database for authentication.

Reply
1 vote
Manse Wolken
Manse Wolken Oct 19, 2011

I tried to use the memberOf parameter and got no results.

So i did stay with the "normal" use, telling Confluence the additional user and group dn, and made sure that i used the richt attribute for groupmembership. In my case (OpenDS): uniqueMember

I think the memberOf Feature should speed up things, because Confluence shoud not have to search every Group for membership.

But i don't know in which cases this feature works.

Good luck

Manse

Reply
0 votes
Kimberly McKinn
Kimberly McKinnis Oct 19, 2011

Not so helpful, but I'm also struggling with this with openLDAP and Linux. I'm unsure if it's even a supported feature, am subscribing to this question :)

I should add that I have tried using the memberOf parameter, but it returns blank, even though I can view the list of groups, with both OpenLDAP and ApacheDS :( Have you done the same?

http://confluence.atlassian.com/display/DOC/Connecting+to+an+LDAP+Directory

Reply
0 votes
Manse Wolken
Manse Wolken Oct 31, 2011

Well I haven't enabled "memberOf" in none of the Confluence and Jira Instances that I administrate.

And as LDAP Server: We use OpenDS.

But for OpenDS we use "uniqueMember" for the "Group member" attribute, rest like AD.

For Active Directory I use:

Enabled Nested Groups

"member" as "Group member" attribute

"memberOf" as group-membership attribute (the second field in the group membership options)

DISABELD both cases on "Use of 'memberOf'

Apache Directory Studio seems to use a bit different type of LDAP searches. There the memberOf feature works, with AD and OpenDS.

Was that of helpful? or do you need more Info?

Reply

Suggest an answer

Log in or Sign up to answer
Community showcase
Elaine Hankins
Elaine Hankins
Posted Monday in Confluence

Organizing your space just got easier - Page Tree Drag & Drop is here

Hi Community! I’m Elaine, Confluence Product Manager. You may have read my earlier post about page tree in space navigation sidebar. I'm excited to share another improvement that helps you organize ...

76 views 3 3
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you