User Directories: Active Directory configuration - user password change?

Hello,

 

I've set up a new confluence server and still activated the LDAP-User Directory function with Microsoft Active Directory connection. At the moment I use an administrator user with administrator domain rights to connect to the active directory server. And I've set up the permission to "Read Only" (at the moment).

Currently it is possible to login via the AD User credentials for all our employees (active AD user). Thats pretty good. So the next step and question for me is the following challenge:

Is it possible, when I use the option "Read/Write" in the Permission Settings section, that AD users can change their own AD password via the Confluence profile settings dialog?

 

Thank you very much.

 

Kind regards,

Matthias

Sorry, my english is not the best sad

2 answers

0 vote
Daniel Eads Community Champion Jun 20, 2016

Hi Matthias,

Users will be able to change their passwords for AD via Confluence if the connection is set to Read/Write. However, it also needs to be set to LDAPS (LDAP over SSL) or else users will get an error when they actually submit their new password.

Hi Daniel,

thank your for your answer. I've just set up "Read/Write". When I try to change a user password in Confluence (Profile --> Password) I get the following error message "The following error(s) occurred:

  • Sorry, but your password could not be changed. Please try again, and contact your administrator if the problem persists."

So as you described, I've set up the option "Use SSL" with the default port 636 (test via telnet: our ad-server responces on port 636).

When I click on "Quick Test" the following error message appears:

"Connection test failed. Response from the server:
server1.domain.com:636; nested exception is javax.naming.CommunicationException: server1.domain.com:636 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]"

So I think there is no ssl certificate on our server1? Or what is the problem? Do I have to set up mor in Confluence?

Thank you very much!

Kind regards,

Matthias

Daniel Eads Community Champion Jul 20, 2016

Sorry - I missed your response earlier, hopefully this is still helpful!

You are right - it looks like Confluence does not trust the certificate on your AD server. Atlassian has instructions on adding the certificate to the trust store here: https://confluence.atlassian.com/jira/connecting-to-ssl-services-117455.html Keep in mind that you need to restart Confluence after installing the certificate!

Suggest an answer

Log in or Sign up to answer
Atlassian Community Anniversary

Happy Anniversary, Atlassian Community!

This community is celebrating its one-year anniversary and Atlassian co-founder Mike Cannon-Brookes has all the feels.

Read more
Community showcase
Kesha Thillainayagam
Posted Apr 13, 2018 in Confluence

We want to hear how your non-technical teams are using Confluence!

Hi Community! Kesha (kay-sha) from the Confluence marketing team here! Can you share stories with us on how your non-technical (think Marketing, Sales, HR, legal, etc.) teams are using Confluen...

2,932 views 27 12
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you