Users can't log in (using Delegated LDAP Authentication)

alpertorun November 2, 2017

One of our users can't log in to Confluence for two weeks. The log says:

2017-11-03 08:12:55,049 WARN [http-nio-8090-exec-5] [atlassian.seraph.auth.DefaultAuthenticator] login login : 'abcdefg' tried to login but they do not have USE permission or weren't found. Deleting remember me cookie.
-- referer: http://<serverip>:8090/login.action?os_destination=%2Fpages%2Fviewpage.action%3FpageId%3D6455325%26src%3Dmail%26src.mail.timestamp%3D1509685801121%26src.mail.notification%3Dcom.atlassian.confluence.plugins.confluence-notifications-batch-plugin%253Abatching-notification%26src.mail.recipient%3D8aad06e95ec888f4015ecc22dd6f0097%26src.mail.action%3Dview&permissionViolation=true | url: /dologin.action | traceId: ad3395a920709676

 

We use a delegated LDAP directory first and, secondly, an integral directory (with no user in it). All of our 10 users are authenticated from LDAP. 9 users can log in; only one user can't. The user changed their password nearly one month ago, before the login error, and the connection to LDAP seems OK for other users.

 

How can we fix this?

1 answer

1 vote
AnnWorley
Atlassian Team
November 3, 2017

Welcome to the forum.

I understand that you are using a delegated LDAP directory to authenticate users but one user cannot log in.

The error message you are reporting is the one I get in my log when I enter the wrong credentials. When I take away USE permission and log in I do not get that error, so we can discard USE permission as the cause.

  • When you view the user in User Management, is there anything remarkable about their account?
  • If the user is not listed in User Management, please go to User Directories and check the user filter and DN setup of the delegated User Directory, to make sure the user is in the right OU, groups, etc., that are specified in the setup.

As an aside, you mentioned you don't have any users in the Confluence Internal directory. It is recommended to keep an internal user with admin permissions in the internal directory in case you need to edit the LDAP directory or log in when the LDAP directory is unavailable for any reason. You may create the user under User Management and add it to the confluence-administrators group to give it super user permissions.
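The OU part of the check suggested in the answer above can be done offline by comparing each user's DN with the directory's search base, here as an added example that is not part of the original thread or Atlassian's code. The base DN, additional user DN and user DNs are constructed sample values, and case-insensitive matching of RDN values is an assumption.

```python
def _norm(rdn):
    # Compare attribute type and value case-insensitively (assumption: caseIgnoreMatch).
    attr, _, value = rdn.partition("=")
    return f"{attr.strip().lower()}={value.strip().lower()}"

def split_dn(dn):
    """Split a DN into normalised RDNs, keeping backslash-escaped commas intact."""
    rdns, cur, i = [], [], 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            cur.append(dn[i:i + 2])      # escaped character, e.g. "\," inside a CN
            i += 2
            continue
        if dn[i] == ",":                 # unescaped comma ends the current RDN
            rdns.append("".join(cur))
            cur = []
        else:
            cur.append(dn[i])
        i += 1
    rdns.append("".join(cur))
    return [_norm(r) for r in rdns if r.strip()]

def in_scope(user_dn, base_dn, additional_user_dn=""):
    """True if user_dn lies strictly below '<additional_user_dn>,<base_dn>'."""
    base = f"{additional_user_dn},{base_dn}" if additional_user_dn else base_dn
    scope, user = split_dn(base), split_dn(user_dn)
    return len(user) > len(scope) and user[len(user) - len(scope):] == scope

# Constructed sample values: replace with the directory's Base DN and
# Additional User DN settings and the DNs read from the LDAP server.
BASE_DN = "dc=example,dc=com"
ADDITIONAL_USER_DN = "ou=Staff"
SAMPLE_USERS = {
    "user_a": "CN=Doe\\, Jane,OU=Staff,DC=example,DC=com",
    "user_b": "CN=jroe, OU=Disabled, DC=example, DC=com",
}

def check_all(users=SAMPLE_USERS):
    """Map each login name to whether its DN is inside the search base."""
    return {name: in_scope(dn, BASE_DN, ADDITIONAL_USER_DN) for name, dn in users.items()}

if __name__ == "__main__":
    for name, ok in check_all().items():
        print(f"{name}: {'inside' if ok else 'OUTSIDE'} the configured search base")
```

A user whose DN is outside the search base cannot be found by the directory, regardless of the password entered.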
