It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Active Directory problem: Test get user's memberships : Failed

I am configuring a Directory to connect to AD in our WIndows Small Business Server. The following error is returned when running Test Settings:

 
Test basic connection : Succeeded
Test retrieve user : Succeeded
Test user rename is configured and tracked : Succeeded
Test get user's memberships : Failed
Test retrieve group : Not performed
Test get group members : Not performed
Test user can authenticate : Not performed
 
The basic connection test seems to pass:
 

Test Remote Directory Connection

Test basic connection : Succeeded
Test retrieve user : Not performed
Test user rename is configured and tracked : Not performed
Test get user's memberships : Not performed
Test retrieve group : Not performed
Test get group members : Not performed
Test user can authenticate : Not performed
 
I can connect and authenticate at the same host/port from https/svn. 
 
Redacted directory config:
 
=== Current user ===
Directory ID: 1
Username: admin
Display name: Administrator
Email address: XXXXXXX

=== Directories configured ===
Directory ID: 10000
Name: LDAP server
Active: true
Type: CONNECTOR
Created date: Mon Aug 21 13:57:27 PDT 2017
Updated date: Mon Aug 21 15:26:51 PDT 2017
Allowed operations: [UPDATE_USER_ATTRIBUTE, UPDATE_GROUP_ATTRIBUTE]
Implementation class: com.atlassian.crowd.directory.MicrosoftActiveDirectory
Encryption type: sha
Attributes:
    "autoAddGroups": ""
    "com.atlassian.crowd.directory.sync.currentstartsynctime": "null"
    "com.atlassian.crowd.directory.sync.issynchronising": "false"
    "com.atlassian.crowd.directory.sync.lastdurationms": "593"
    "com.atlassian.crowd.directory.sync.laststartsynctime": "1503354410573"
    "crowd.sync.incremental.enabled": "true"
    "directory.cache.synchronise.interval": "3600"
    "ldap.basedn": "OU=SBSUsers,OU=Users,OU=MyBusiness,DC=COMPANY,DC=local"
    "ldap.connection.timeout": "10000"
    "ldap.external.id": "objectGUID"
    "ldap.group.description": "description"
    "ldap.group.dn": ""
    "ldap.group.filter": "(objectCategory=Group)"
    "ldap.group.name": "cn"
    "ldap.group.objectclass": "group"
    "ldap.group.usernames": "member"
    "ldap.local.groups": "false"
    "ldap.nestedgroups.disabled": "true"
    "ldap.pagedresults": "true"
    "ldap.pagedresults.size": "1000"
    "ldap.password": ********
    "ldap.pool.initsize": "null"
    "ldap.pool.maxsize": "null"
    "ldap.pool.prefsize": "null"
    "ldap.pool.timeout": "0"
    "ldap.propogate.changes": "false"
    "ldap.read.timeout": "120000"
    "ldap.referral": "true"
    "ldap.relaxed.dn.standardisation": "true"
    "ldap.roles.disabled": "true"
    "ldap.search.timelimit": "60000"
    "ldap.secure": "false"
    "ldap.url": "ldap://XXX.XXX.XXX.XXX:389"
    "ldap.user.displayname": "displayName"
    "ldap.user.dn": ""
    "ldap.user.email": "mail"
    "ldap.user.encryption": "sha"
    "ldap.user.filter": "(&(objectCategory=Person)(sAMAccountName=*))"
    "ldap.user.firstname": "givenName"
    "ldap.user.group": "memberOf"
    "ldap.user.lastname": "sn"
    "ldap.user.objectclass": "user"
    "ldap.user.password": "unicodePwd"
    "ldap.user.username": "sAMAccountName"
    "ldap.user.username.rdn": "cn"
    "ldap.userdn": "XXXXXXXXX"
    "ldap.usermembership.use": "true"
    "ldap.usermembership.use.for.groups": "false"
    "localUserStatusEnabled": "false"

Directory ID: 1
Name: JIRA Internal Directory
Active: true
Type: INTERNAL
Created date: Thu Sep 22 14:13:21 PDT 2011
Updated date: Thu Sep 22 14:13:21 PDT 2011
Allowed operations: [UPDATE_GROUP_ATTRIBUTE, UPDATE_ROLE_ATTRIBUTE, UPDATE_ROLE, DELETE_GROUP, CREATE_USER, UPDATE_USER, UPDATE_GROUP, CREATE_ROLE, UPDATE_USER_ATTRIBUTE, DELETE_ROLE, CREATE_GROUP, DELETE_USER]
Implementation class: com.atlassian.crowd.directory.InternalDirectory
Encryption type: atlassian-security
Attributes:
    "user_encryption_method": "atlassian-security"

Thank you in advance for any suggestions

1 answer

Users and groups are accessed via different paths. Set Base DN and prepend for users and groups as follows:

Base DN: OU=MyBusiness,DC=XXXX,DC=XXXX

Additional User DN: OU=SBSUsers,OU=Users

Additional Group DN: OU=Security Groups

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Hipchat

Hipchat Cloud and Stride have reached End of Life (updated)

All good things come to an end - thanks to all our customers and partners who have been along the Hipchat and Stride journey with us.  As of Feb 15th 2019, Hipchat Cloud and Stride have reached ...

35,183 views 9 8
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you