Users can't log in (using Delegated LDAP Authentication) Edited

One of our users cant login on confluence for two weeks. log says:

2017-11-03 08:12:55,049 WARN [http-nio-8090-exec-5] [atlassian.seraph.auth.DefaultAuthenticator] login login : 'abcdefg' tried to login but they do not have USE permission or weren't found. Deleting remember me cookie.
-- referer: http://<serverip>:8090/login.action?os_destination=%2Fpages%2Fviewpage.action%3FpageId%3D6455325%26src%3Dmail%26src.mail.timestamp%3D1509685801121%26src.mail.notification%3Dcom.atlassian.confluence.plugins.confluence-notifications-batch-plugin%253Abatching-notification%26src.mail.recipient%3D8aad06e95ec888f4015ecc22dd6f0097%26src.mail.action%3Dview&permissionViolation=true | url: /dologin.action | traceId: ad3395a920709676


we use delegated LDAP directory first and secondly integral directory (with no user in it). all of our 10 users are authenticated from LDAP. 9 users can login only one user can't. user changed password nearly one month ago before the login error and connection to LDAP seems ok for other users.


How can we fix this?

1 answer

1 vote
Ann Worley Atlassian Team Nov 03, 2017

Welcome to the forum.

I understand that you are using a delegated LDAP directory to authenticate users but one user cannot log in.

The error message you are reporting is the one I get in my log when I enter the wrong credentials. When I take away USE permission and log in I do not get that error, so we can discard USE permission as the cause.

  • When you view the user in User Management, is there anything remarkable about their account?
  • If the user is not listed in User Management, please go to User Directories and check the user filter and DN setup of the delegated User Directory, to make sure the user is in the right OU, groups, etc, that are specified in the setup.

As an aside, you mentioned you don't have any users in the Confluence Internal directory. It is recommended to keep an internal user with admin permissions in the internal directory in case you need to edit the LDAP directory or log in when the LDAP directory is unavailable for any reason. You may create the user under User Management and add it to the confluence-administrators group to give it super user permissions.

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Dec 18, 2018 in Confluence Cloud

Happy holidays from our team to yours!

Hi Community!  2018 was filled with changes for our team, both big and small, and we've taken a lot of time to both celebrate our wins and recognize areas of improvement. One thing that we're a...

475 views 3 18
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you