Microsoft Active Directory Synch No Users

Hi, I have setup Confluence with MS AD, and it pulls in my two groups for Confluence, however, it pulls in no users when I go to these groups. My users settings are listed below. Any idea why groups get pulled in, but no users in those groups?




User Object Class:required
The LDAP user object class type to use when loading users.
User Object Filter:required
The filter to use when searching user objects.
User Name Attribute:required
The attribute field to use on the user object. Examples: cn, sAMAccountName.
User Name RDN Attribute:
The RDN to use when loading the user username.Example: cn.
User First Name Attribute:required
The attribute field to use when loading the user first name.
User Last Name Attribute:required
The attribute field to use when loading the user last name.
User Display Name Attribute:required
The attribute field to use when loading the user full name.
User Email Attribute:required
The attribute field to use when loading the user email.
User Password Attribute:required
The attribute field to use when manipulating a user password.
User Unique ID Attribute:
The attribute field to use for tracking user identity across user renames.

3 answers

0 vote
Ann Worley Atlassian Team Jul 17, 2017

I would like to examine a Directory Configuration Summary for your case. I asked for that on this forum before and was told the code block wouldn't accept the cut and paste so perhaps you could screen shot the info and post it here - redact anything you don't want to share, of course.

Hi Ann, Thanks for your reply, here is the summary:


=== Directories configured ===
Directory ID:
Name: Confluence Internal Directory
Active: true
Created date: 2017-07-11 15:20:46.335
Updated date: 2017-07-11 15:20:46.335
Implementation class:
Encryption type: atlassian-security
"user_encryption_method": "atlassian-security"

Directory ID:
Name: LDAP server
Active: false
Created date: 2017-07-14 11:49:00.821
Updated date: 2017-07-17 14:00:39.072
Implementation class:
Encryption type: sha
"": "270"
"": "1500296403830"
"": "only_when_first_created"
"crowd.sync.incremental.enabled": "false"
"directory.cache.synchronise.interval": "3600"
"ldap.basedn": "OU=A,OU=S,OU=AD,DC=D,DC=net"
"ldap.connection.timeout": "10000"
"": "objectGUID"
"ldap.filter.expiredUsers": "true"
"": "description"
"": "(&(objectCategory=Group)(|(cn=confluence_users)(cn=confluence_admins)))"
"": "cn"
"": "group"
"": "member"
"ldap.local.groups": "true"
"ldap.nestedgroups.disabled": "true"
"ldap.pagedresults": "true"
"ldap.pagedresults.size": "1000"
"ldap.password": ********
"ldap.pool.timeout": "0"
"ldap.propogate.changes": "false"
"": "120000"
"ldap.referral": "false"
"ldap.relaxed.dn.standardisation": "true"
"ldap.roles.disabled": "true"
"": "60000"
"": "false"
"ldap.url": "ldap://"
"ldap.user.displayname": "displayName"
"": ""
"ldap.user.encryption": ""
"ldap.user.filter": "(|(objectCategory=person)(objectClass=user))"
"ldap.user.firstname": "givenName"
"": "memberOf"
"ldap.user.lastname": "sn"
"ldap.user.objectclass": "user"
"ldap.user.password": "unicodePwd"
"ldap.user.username": "userPrincipalName"
"ldap.user.username.rdn": "cn"
"ldap.userdn": ""
"ldap.usermembership.use": "true"
"ldap.usermembership.use.for.groups": "true"
"localUserStatusEnabled": "false"



Ann Worley Atlassian Team Jul 18, 2017

It looks like the directory is disabled at the moment, so it will not be periodically synchronizing:

Active: false

I am assuming you disabled it because it wasn't pulling in users.

Most of your settings are default. I noticed you are using userPrincipalName instead of sAMAccountName as the user name, that should be fine, though.

The object class is already set to user in the User Object Class field, so I am not sure why it is included in the user filter:

"ldap.user.filter": "(|(objectCategory=person)(objectClass=user))"

The default is:

  • Please try the following user filter:
  •  Please check whether the base DN is higher in the AD tree than the users so there are user objects beneath the designated Base DN.

I look forward to hearing the results.

One question, how do I set it up to use LDAP when users login?

I tired and it didn't work for me. I see all the users inculding myself.



Hi Ann,

I made that change to the filter but also started the base further up in the tree and its now pulled in the users.


Thanks= for you help!

Hi Ann,

I made that change d, but the testing tool still comes back user not found. Thouhgts?

Ann Worley Atlassian Team Jul 31, 2017

Can you find the user in User Management? You mentioned some users were pulled in, what if you test with a user that is definitely in User Management?

Please review Managing Multiple Directories. You may need to move your AD directory higher in the User Directory hierarchy before you can log in with your LDAP credentials.

Users will see a "Not Permitted" page if they log in without being added to the Global Permissions.


So I see the users in the AD groups, however, if I try and test the LDAP connection with my credentials in AD I get this:

Test retrieve user : Failed
User useridishere does not exist

Ann Worley Atlassian Team Aug 04, 2017

You mentioned you see all the users including yourself - is that under <Base_URL>/admin/users/showallusers.action? If you click on your username on that page you can verify which directory it is coming from, please make sure the user account you are seeing for your ID is not an internal one.


Finally been able to get back on this. I have been able to fix this. structure the search to jus the groups the users are in and ensured the username didn't have the domain. Thank for your help.

Suggest an answer

Log in or Join to answer
Community showcase
Kesha Thillainayagam
Posted Mar 05, 2018 in Confluence

We want to know what templates you're using in Confluence!

Hi Community!  My name is Kesha (kay-sha not Ke$ha) and I'm on the Confluence Product Marketing team. We are trying to understand and improve template use cases in Confluence, and are intereste...

2,678 views 32 5
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you
Atlassian Team Tour

Join us on the Team Tour

We're bringing product updates and pro tips on teamwork to ten cities around the world.

Save your spot