Users can't log in (using Delegated LDAP Authentication) Edited

One of our users cant login on confluence for two weeks. log says:

2017-11-03 08:12:55,049 WARN [http-nio-8090-exec-5] [atlassian.seraph.auth.DefaultAuthenticator] login login : 'abcdefg' tried to login but they do not have USE permission or weren't found. Deleting remember me cookie.
-- referer: http://<serverip>:8090/login.action?os_destination=%2Fpages%2Fviewpage.action%3FpageId%3D6455325%26src%3Dmail%26src.mail.timestamp%3D1509685801121%26src.mail.notification%3Dcom.atlassian.confluence.plugins.confluence-notifications-batch-plugin%253Abatching-notification%26src.mail.recipient%3D8aad06e95ec888f4015ecc22dd6f0097%26src.mail.action%3Dview&permissionViolation=true | url: /dologin.action | traceId: ad3395a920709676

 

we use delegated LDAP directory first and secondly integral directory (with no user in it). all of our 10 users are authenticated from LDAP. 9 users can login only one user can't. user changed password nearly one month ago before the login error and connection to LDAP seems ok for other users.

 

How can we fix this?

1 answer

This widget could not be displayed.
Ann Worley Atlassian Team Nov 03, 2017

Welcome to the forum.

I understand that you are using a delegated LDAP directory to authenticate users but one user cannot log in.

The error message you are reporting is the one I get in my log when I enter the wrong credentials. When I take away USE permission and log in I do not get that error, so we can discard USE permission as the cause.

  • When you view the user in User Management, is there anything remarkable about their account?
  • If the user is not listed in User Management, please go to User Directories and check the user filter and DN setup of the delegated User Directory, to make sure the user is in the right OU, groups, etc, that are specified in the setup.

As an aside, you mentioned you don't have any users in the Confluence Internal directory. It is recommended to keep an internal user with admin permissions in the internal directory in case you need to edit the LDAP directory or log in when the LDAP directory is unavailable for any reason. You may create the user under User Management and add it to the confluence-administrators group to give it super user permissions.

Suggest an answer

Log in or Sign up to answer
Atlassian Summit 2018

Meet the community IRL

Atlassian Summit is an excellent opportunity for in-person support, training, and networking.

Learn more
Community showcase
Published Aug 14, 2018 in Confluence

Add-on evaluation with confluence templates

Atlassian market place contains number of Apps/Addons which improves the capability of out of the box Atlassian products. It is good to follow a plugin evaluation process before install add-ons. So t...

174 views 12 7
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you