Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

User Directories: Active Directory configuration - user password change?

esome
esome June 20, 2016

Hello,

 

I've set up a new confluence server and still activated the LDAP-User Directory function with Microsoft Active Directory connection. At the moment I use an administrator user with administrator domain rights to connect to the active directory server. And I've set up the permission to "Read Only" (at the moment).

Currently it is possible to login via the AD User credentials for all our employees (active AD user). Thats pretty good. So the next step and question for me is the following challenge:

Is it possible, when I use the option "Read/Write" in the Permission Settings section, that AD users can change their own AD password via the Confluence profile settings dialog?

 

Thank you very much.

 

Kind regards,

Matthias

Sorry, my english is not the best sad

Answer
Watch
Like Be the first to like this
717 views

2 answers

0 votes
esome
esome June 20, 2016

Hi Daniel,

thank your for your answer. I've just set up "Read/Write". When I try to change a user password in Confluence (Profile --> Password) I get the following error message "The following error(s) occurred:

  • Sorry, but your password could not be changed. Please try again, and contact your administrator if the problem persists."

So as you described, I've set up the option "Use SSL" with the default port 636 (test via telnet: our ad-server responces on port 636).

When I click on "Quick Test" the following error message appears:

"Connection test failed. Response from the server:
server1.domain.com:636; nested exception is javax.naming.CommunicationException: server1.domain.com:636 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]"

So I think there is no ssl certificate on our server1? Or what is the problem? Do I have to set up mor in Confluence?

Thank you very much!

Kind regards,

Matthias

View More Comments
Daniel Eads _unmonitored account_
Daniel Eads _unmonitored account_
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
July 20, 2016

Sorry - I missed your response earlier, hopefully this is still helpful!

You are right - it looks like Confluence does not trust the certificate on your AD server. Atlassian has instructions on adding the certificate to the trust store here: https://confluence.atlassian.com/jira/connecting-to-ssl-services-117455.html Keep in mind that you need to restart Confluence after installing the certificate!

Like
Reply
0 votes
Daniel Eads _unmonitored account_
Daniel Eads _unmonitored account_
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
June 20, 2016

Hi Matthias,

Users will be able to change their passwords for AD via Confluence if the connection is set to Read/Write. However, it also needs to be set to LDAPS (LDAP over SSL) or else users will get an error when they actually submit their new password.

Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events