Active Directory problem: Test get user's memberships : Failed

I am configuring a Directory to connect to AD in our WIndows Small Business Server. The following error is returned when running Test Settings:

 
Test basic connection : Succeeded
Test retrieve user : Succeeded
Test user rename is configured and tracked : Succeeded
Test get user's memberships : Failed
Test retrieve group : Not performed
Test get group members : Not performed
Test user can authenticate : Not performed
 
The basic connection test seems to pass:
 

Test Remote Directory Connection

Test basic connection : Succeeded
Test retrieve user : Not performed
Test user rename is configured and tracked : Not performed
Test get user's memberships : Not performed
Test retrieve group : Not performed
Test get group members : Not performed
Test user can authenticate : Not performed
 
I can connect and authenticate at the same host/port from https/svn. 
 
Redacted directory config:
 
=== Current user ===
Directory ID: 1
Username: admin
Display name: Administrator
Email address: XXXXXXX

=== Directories configured ===
Directory ID: 10000
Name: LDAP server
Active: true
Type: CONNECTOR
Created date: Mon Aug 21 13:57:27 PDT 2017
Updated date: Mon Aug 21 15:26:51 PDT 2017
Allowed operations: [UPDATE_USER_ATTRIBUTE, UPDATE_GROUP_ATTRIBUTE]
Implementation class: com.atlassian.crowd.directory.MicrosoftActiveDirectory
Encryption type: sha
Attributes:
    "autoAddGroups": ""
    "com.atlassian.crowd.directory.sync.currentstartsynctime": "null"
    "com.atlassian.crowd.directory.sync.issynchronising": "false"
    "com.atlassian.crowd.directory.sync.lastdurationms": "593"
    "com.atlassian.crowd.directory.sync.laststartsynctime": "1503354410573"
    "crowd.sync.incremental.enabled": "true"
    "directory.cache.synchronise.interval": "3600"
    "ldap.basedn": "OU=SBSUsers,OU=Users,OU=MyBusiness,DC=COMPANY,DC=local"
    "ldap.connection.timeout": "10000"
    "ldap.external.id": "objectGUID"
    "ldap.group.description": "description"
    "ldap.group.dn": ""
    "ldap.group.filter": "(objectCategory=Group)"
    "ldap.group.name": "cn"
    "ldap.group.objectclass": "group"
    "ldap.group.usernames": "member"
    "ldap.local.groups": "false"
    "ldap.nestedgroups.disabled": "true"
    "ldap.pagedresults": "true"
    "ldap.pagedresults.size": "1000"
    "ldap.password": ********
    "ldap.pool.initsize": "null"
    "ldap.pool.maxsize": "null"
    "ldap.pool.prefsize": "null"
    "ldap.pool.timeout": "0"
    "ldap.propogate.changes": "false"
    "ldap.read.timeout": "120000"
    "ldap.referral": "true"
    "ldap.relaxed.dn.standardisation": "true"
    "ldap.roles.disabled": "true"
    "ldap.search.timelimit": "60000"
    "ldap.secure": "false"
    "ldap.url": "ldap://XXX.XXX.XXX.XXX:389"
    "ldap.user.displayname": "displayName"
    "ldap.user.dn": ""
    "ldap.user.email": "mail"
    "ldap.user.encryption": "sha"
    "ldap.user.filter": "(&(objectCategory=Person)(sAMAccountName=*))"
    "ldap.user.firstname": "givenName"
    "ldap.user.group": "memberOf"
    "ldap.user.lastname": "sn"
    "ldap.user.objectclass": "user"
    "ldap.user.password": "unicodePwd"
    "ldap.user.username": "sAMAccountName"
    "ldap.user.username.rdn": "cn"
    "ldap.userdn": "XXXXXXXXX"
    "ldap.usermembership.use": "true"
    "ldap.usermembership.use.for.groups": "false"
    "localUserStatusEnabled": "false"

Directory ID: 1
Name: JIRA Internal Directory
Active: true
Type: INTERNAL
Created date: Thu Sep 22 14:13:21 PDT 2011
Updated date: Thu Sep 22 14:13:21 PDT 2011
Allowed operations: [UPDATE_GROUP_ATTRIBUTE, UPDATE_ROLE_ATTRIBUTE, UPDATE_ROLE, DELETE_GROUP, CREATE_USER, UPDATE_USER, UPDATE_GROUP, CREATE_ROLE, UPDATE_USER_ATTRIBUTE, DELETE_ROLE, CREATE_GROUP, DELETE_USER]
Implementation class: com.atlassian.crowd.directory.InternalDirectory
Encryption type: atlassian-security
Attributes:
    "user_encryption_method": "atlassian-security"

Thank you in advance for any suggestions

1 answer

Users and groups are accessed via different paths. Set Base DN and prepend for users and groups as follows:

Base DN: OU=MyBusiness,DC=XXXX,DC=XXXX

Additional User DN: OU=SBSUsers,OU=Users

Additional Group DN: OU=Security Groups

Suggest an answer

Log in or Sign up to answer
How to earn badges on the Atlassian Community

How to earn badges on the Atlassian Community

Badges are a great way to show off community activity, whether you’re a newbie or a Champion.

Learn more
Community showcase
Published Mar 26, 2018 in Hipchat Data Center

Migration of Hipchat server to Data Center - a retrospective

...able to use the clients After a bunch of testing (rooms, memberships, check for private message history, and most importantly - the custom emoticons!) nearly everything was looking as we needed, however...

448 views 2 6
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you