Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,461,227
Community Members
 
Community Events
176
Community Groups

After disabling/enabling LDAP in Crowd , Jira users cannot sign in anymore with their credentials.

Edited

Hi,

Today i've been testing with an addition of an AD directory in our existing Crowd to replace an LDAP directory.

Due to disabling the LDAP directory , a certain amount of users was unable to logon as they were removed from Jira

After enabling this again and synchronizing, all users were put back in place in Jira
However unable to logon with their credentials , while they could earlier.

In logs at the Jira side i find entries like:

2018-02-27 17:20:35,651 http-nio-8080-exec-640 anonymous 1040x3562356x1 rrcaim <ip client, ip server>,127.0.0.1 /login.jsp The user 'xxxxxxxx' has FAILED authentication. Failure count equals 3
2018-02-27 17:20:47,522 http-nio-8080-exec-639 anonymous 1040x3562366x1 - <ip client, ip server>,127.0.0.1 /rest/gadget/1.0/login login : 'xxxxxxxx' tried to login but they do not have USE permission or weren't found. Deleting remember me cookie.

On the crowd side:

127.0.0.1 [27/Feb/2018:16:20:48 +0100] "POST /crowd/rest/usermanagement/1/authentication?username=xxxxxxxx HTTP/1.1" 400 160 1574 "-" "Apache-HttpClient/4.5.3 (Java/1.8.0_60)"

No changes were made in directory configuration or applications in Crowd.

Within both Jira and Crowd the users exist and can be found defined as they should be and member of right groups and application.

Anyone encountered this before?

Incognito browser , cache and cooking clearing are performed.
New syncs have taken place but not resolving this weird issue.

Crowd version 2.11.0
Jira version 7.5.1


Thanks in advance!

Regards
Roland

1 answer

0 votes
Marcin Kempa Atlassian Team Feb 27, 2018

Hi @Roland Vermeulen,

Sorry to hear that you have those kind of problems in your setup.

Did you try to do test user authentication in Crowd? As you were doing some changes in the directory setup, could you check if the group that is allowed to authenticate to application in Crowd is still defined or maybe you just have 'Allow all to authenticate'?

Additionally are there any other entries in Crowd log files that may indicate authentication problem?

 

Hope that helps,

Marcin Kempa

Hi @Marcin Kempa,

Test authentication from crowd works , from Jira through the User directory it doesn't.

The users/groups are allowed to authenticate to the application.

We did not find any other authentication issues except the 400 on the POST for authenticate so far.

I'm verifying currently if Crowd is the issue , by adding the LDAP to the Jira instance (bypassing Crowd) to see if the users can authenticate in that way.

Suggest an answer

Log in or Sign up to answer
TAGS

Atlassian Community Events