Hello,
I've set up a new confluence server and still activated the LDAP-User Directory function with Microsoft Active Directory connection. At the moment I use an administrator user with administrator domain rights to connect to the active directory server. And I've set up the permission to "Read Only" (at the moment).
Currently it is possible to login via the AD User credentials for all our employees (active AD user). Thats pretty good. So the next step and question for me is the following challenge:
Is it possible, when I use the option "Read/Write" in the Permission Settings section, that AD users can change their own AD password via the Confluence profile settings dialog?
Thank you very much.
Kind regards,
Matthias
Sorry, my english is not the best
Hi Daniel,
thank your for your answer. I've just set up "Read/Write". When I try to change a user password in Confluence (Profile --> Password) I get the following error message "The following error(s) occurred:
So as you described, I've set up the option "Use SSL" with the default port 636 (test via telnet: our ad-server responces on port 636).
When I click on "Quick Test" the following error message appears:
"Connection test failed. Response from the server:
server1.domain.com:636; nested exception is javax.naming.CommunicationException: server1.domain.com:636 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]"
So I think there is no ssl certificate on our server1? Or what is the problem? Do I have to set up mor in Confluence?
Thank you very much!
Kind regards,
Matthias
Sorry - I missed your response earlier, hopefully this is still helpful!
You are right - it looks like Confluence does not trust the certificate on your AD server. Atlassian has instructions on adding the certificate to the trust store here: https://confluence.atlassian.com/jira/connecting-to-ssl-services-117455.html Keep in mind that you need to restart Confluence after installing the certificate!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Matthias,
Users will be able to change their passwords for AD via Confluence if the connection is set to Read/Write. However, it also needs to be set to LDAPS (LDAP over SSL) or else users will get an error when they actually submit their new password.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.