Win 2012 AD Ldap configuration for Confluence Server

Paul Hackett September 24, 2018

I want to sync only certain users and groups, so I have set up a Confluence group called SCI-Confluence in AD that contains these users, and I have the groups in a specific OU.

When I do a quick test, it comes back fine, so my server settings are good.

My users are in OU=Staff,OU=SBSUsers,OU=Users,OU=MyBusiness

My groups are in 

OU=Security Groups,OU=MyBusiness

Under the Configure LDAP User Directory I have my Base DN set up as DC=Company,DC=Local

I specify an Additional User DN: OU=MyBusiness, the same for Additional Group DN

I have tried a number of User Object Filters including:

(&(objectCategory=Person)(sAMAccountName=*)(memberOf=cn=SCI-Confluence,OU=Security Groups))

(&(objectCategory=Person)(sAMAccountName=*)(memberOf=cn=SCI-Confluence,OU=Security Groups,OU=MyBusiness))

I've tried changing the Additional user DN to 

 (|(ou=sbsusers)(ou=users)),ou=staff

and a myriad of other combinations, but I just can't seem to get the syntax correct, so any help would be appreciated.

Link to Confluence Log

Answer accepted
Shawn C
Atlassian Team
September 25, 2018

Hi Paul, 

Sorry to hear you're experiencing some issues with your LDAP AD Filters.  From the logs, it looks like we're receiving LDAP Error Code 32; in this particular situation with Data 0, it indicates you're missing the Defined DN in the filter.

Looking at an example filter, it specifies the FQDN of the group including your Domain details: 

(&(objectCategory=Person)(sAMAccountName=*)(memberOf=cn=CaptainPlanet,ou=users,dc=company,dc=com))

I would recommend trying to match your memberOf filter to that example. If we're still experiencing issues with syncing after updating the filter, please check the Confluence Logs for any new LDAP Error Codes and let me know.

Regards,
Shawn

Paul Hackett October 5, 2018

Shawn,

Sorry for the long delay in replying; I was on vacation.

Thanks for the suggestion. I was able to get it working by having my base DN set to DC=sciinc,DC=local, leaving the Additional User DN and Additional Group DN fields blank under the LDAP Schema section, and my User filter set to (&(objectCategory=Person)(sAMAccountName=*)(memberOf=CN=SCI-Confluence,OU=Security Groups,OU=MyBusiness,DC=sciinc,DC=local))

This worked, thanks for your help!
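
A pre-flight check for the fix reached in this thread, as an added example (not code from Confluence or from either poster): it pulls each memberOf value out of a user filter and reports any that is not a full DN ending in the base DN, which is what separated the filters that failed from the one that worked. The function names are hypothetical, and the filters and base DN are copied from the posts above.

```python
import re

# Captures the DN value of each (memberOf=...) assertion in an LDAP filter.
MEMBER_OF = re.compile(r"\(memberOf=([^()]*)\)", re.IGNORECASE)


def split_dn(dn):
    """Split a DN into normalized (attribute, value) RDN pairs.

    Splits on commas not escaped with a backslash; multi-valued RDNs
    (joined with '+') are out of scope for this check.
    """
    rdns = []
    for part in re.split(r"(?<!\\),", dn):
        attr, sep, value = part.partition("=")
        if not sep or not attr.strip() or not value.strip():
            raise ValueError(f"malformed RDN: {part!r}")
        rdns.append((attr.strip().lower(), value.strip().lower()))
    return rdns


def check_member_of(ldap_filter, base_dn):
    """Return (group_dn, problem) for every memberOf value that is not a
    full DN under base_dn. An empty list means no findings."""
    base = split_dn(base_dn)
    findings = []
    for group_dn in MEMBER_OF.findall(ldap_filter):
        try:
            rdns = split_dn(group_dn)
        except ValueError as exc:
            findings.append((group_dn, str(exc)))
            continue
        if not any(attr == "dc" for attr, _ in rdns):
            findings.append((group_dn, "relative DN: no DC components"))
        elif rdns[-len(base):] != base:
            findings.append((group_dn, "DN is not under the base DN"))
    return findings


# Values taken from the thread above.
BASE_DN = "DC=sciinc,DC=local"
TRIED = "(&(objectCategory=Person)(sAMAccountName=*)(memberOf=cn=SCI-Confluence,OU=Security Groups,OU=MyBusiness))"
WORKING = "(&(objectCategory=Person)(sAMAccountName=*)(memberOf=CN=SCI-Confluence,OU=Security Groups,OU=MyBusiness,DC=sciinc,DC=local))"

if __name__ == "__main__":
    for candidate in (TRIED, WORKING):
        print(check_member_of(candidate, BASE_DN) or "ok")
```
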
