Unable to log in to confluence - "Could not find group configured with USE permission"

I'm using LDAP/active directory for authentication and we were changing some configurations for LDAP which seemed to work fine. The main thingt hat was changed is that we added a Group DN to the config to search for groups. We got this working fine and we were able to log in and synchronise with LDAP just fine.

Now I got the genius idea to disable the internal confluence directory to try to reduce the amount of active users since we're 1 above our license limit.

After that I'm unable to log in using any user, not the local admin account or active directory users. I've reenabled the internal directory in the the database and changed the directory order without success. 

These are the messages I get from the logs:

2017-09-06 08:55:26,967 INFO [read-only-transaction:thread-1] [atlassian.confluence.user.DefaultUserAccessor] getUserNamesWithConfluenceAccess Could not find group configured with USE permission: confluence-users
2017-09-06 08:55:26,967 INFO [read-only-transaction:thread-1] [atlassian.confluence.user.DefaultUserAccessor] getUserNamesWithConfluenceAccess Could not find group configured with USE permission: confluence-administrators
2017-09-06 08:55:27,828 INFO [localhost-startStop-1] [com.atlassian.confluence.lifecycle] init Confluence is ready to serve
2017-09-06 08:56:53,198 WARN [http-nio-3011-exec-8] [atlassian.seraph.auth.DefaultAuthenticator] login login : 'admin' tried to login but they do not have USE permission or weren't found. Deleting remember me cookie.
-- referer: http://docs.company.local/dologin.action | url: /dologin.action | traceId: b558b8b887f9be42
2017-09-06 08:57:07,576 WARN [http-nio-3011-exec-2] [atlassian.seraph.auth.DefaultAuthenticator] login login : 'ADuser' tried to login but they do not have USE permission or weren't found. Deleting remember me cookie.
-- referer: http://docs.company.local/dologin.action | url: /dologin.action | traceId: 8e20a373d41e0be0

I have made sure that both of these users are in the confluence-users and confluence-admin groups in the cwd_membership table in the database(of which there are two sets for some reason) but that didn't make any difference.

I've restarted confluence multiple times after each database change but it still doesn't work.

1 answer

1 accepted

This widget could not be displayed.
Yilin Mo Atlassian Team Sep 06, 2017

Please bear in mind that in the newer version of Confluence, we have the group membership aggregation enable by default, so in case that the admin user account or ADuser user account are duplicated on both Internal and LDAP user directory with different set of membership setting when the Internal one is disabled, those users might lose access due the membership change. 

 

I would like to suggest you to double check the membership setting via the database whether it belongs to the LDAP user directory, Otherwise, you might need to adjust the membership on the LDAP server for both user, restart Confluence to force the synchronization before you can log in again.

I have an internal user and an AD user with the same usernames, that was probably what caused it. But I managed to solve the problem by using a database backup from a couple of days ago.

Regardless, thanks for the help.

Suggest an answer

Log in or Sign up to answer
Community showcase
Posted Monday in Confluence

Why start from scratch? Introducing four new templates for Confluence Cloud

Hi my Community friends!  For those who don't know me, I'm a product marketer on the Confluence Cloud team - nice to meet you! For those of you who do, you know that I've been all up in your Co...

481 views 6 6
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you