Active Directory problem: Test get user's memberships : Failed

I am configuring a Directory to connect to AD in our WIndows Small Business Server. The following error is returned when running Test Settings:

 
Test basic connection : Succeeded
Test retrieve user : Succeeded
Test user rename is configured and tracked : Succeeded
Test get user's memberships : Failed
Test retrieve group : Not performed
Test get group members : Not performed
Test user can authenticate : Not performed
 
The basic connection test seems to pass:
 

Test Remote Directory Connection

Test basic connection : Succeeded
Test retrieve user : Not performed
Test user rename is configured and tracked : Not performed
Test get user's memberships : Not performed
Test retrieve group : Not performed
Test get group members : Not performed
Test user can authenticate : Not performed
 
I can connect and authenticate at the same host/port from https/svn. 
 
Redacted directory config:
 
=== Current user ===
Directory ID: 1
Username: admin
Display name: Administrator
Email address: XXXXXXX

=== Directories configured ===
Directory ID: 10000
Name: LDAP server
Active: true
Type: CONNECTOR
Created date: Mon Aug 21 13:57:27 PDT 2017
Updated date: Mon Aug 21 15:26:51 PDT 2017
Allowed operations: [UPDATE_USER_ATTRIBUTE, UPDATE_GROUP_ATTRIBUTE]
Implementation class: com.atlassian.crowd.directory.MicrosoftActiveDirectory
Encryption type: sha
Attributes:
    "autoAddGroups": ""
    "com.atlassian.crowd.directory.sync.currentstartsynctime": "null"
    "com.atlassian.crowd.directory.sync.issynchronising": "false"
    "com.atlassian.crowd.directory.sync.lastdurationms": "593"
    "com.atlassian.crowd.directory.sync.laststartsynctime": "1503354410573"
    "crowd.sync.incremental.enabled": "true"
    "directory.cache.synchronise.interval": "3600"
    "ldap.basedn": "OU=SBSUsers,OU=Users,OU=MyBusiness,DC=COMPANY,DC=local"
    "ldap.connection.timeout": "10000"
    "ldap.external.id": "objectGUID"
    "ldap.group.description": "description"
    "ldap.group.dn": ""
    "ldap.group.filter": "(objectCategory=Group)"
    "ldap.group.name": "cn"
    "ldap.group.objectclass": "group"
    "ldap.group.usernames": "member"
    "ldap.local.groups": "false"
    "ldap.nestedgroups.disabled": "true"
    "ldap.pagedresults": "true"
    "ldap.pagedresults.size": "1000"
    "ldap.password": ********
    "ldap.pool.initsize": "null"
    "ldap.pool.maxsize": "null"
    "ldap.pool.prefsize": "null"
    "ldap.pool.timeout": "0"
    "ldap.propogate.changes": "false"
    "ldap.read.timeout": "120000"
    "ldap.referral": "true"
    "ldap.relaxed.dn.standardisation": "true"
    "ldap.roles.disabled": "true"
    "ldap.search.timelimit": "60000"
    "ldap.secure": "false"
    "ldap.url": "ldap://XXX.XXX.XXX.XXX:389"
    "ldap.user.displayname": "displayName"
    "ldap.user.dn": ""
    "ldap.user.email": "mail"
    "ldap.user.encryption": "sha"
    "ldap.user.filter": "(&(objectCategory=Person)(sAMAccountName=*))"
    "ldap.user.firstname": "givenName"
    "ldap.user.group": "memberOf"
    "ldap.user.lastname": "sn"
    "ldap.user.objectclass": "user"
    "ldap.user.password": "unicodePwd"
    "ldap.user.username": "sAMAccountName"
    "ldap.user.username.rdn": "cn"
    "ldap.userdn": "XXXXXXXXX"
    "ldap.usermembership.use": "true"
    "ldap.usermembership.use.for.groups": "false"
    "localUserStatusEnabled": "false"

Directory ID: 1
Name: JIRA Internal Directory
Active: true
Type: INTERNAL
Created date: Thu Sep 22 14:13:21 PDT 2011
Updated date: Thu Sep 22 14:13:21 PDT 2011
Allowed operations: [UPDATE_GROUP_ATTRIBUTE, UPDATE_ROLE_ATTRIBUTE, UPDATE_ROLE, DELETE_GROUP, CREATE_USER, UPDATE_USER, UPDATE_GROUP, CREATE_ROLE, UPDATE_USER_ATTRIBUTE, DELETE_ROLE, CREATE_GROUP, DELETE_USER]
Implementation class: com.atlassian.crowd.directory.InternalDirectory
Encryption type: atlassian-security
Attributes:
    "user_encryption_method": "atlassian-security"

Thank you in advance for any suggestions

1 answer

This widget could not be displayed.

Users and groups are accessed via different paths. Set Base DN and prepend for users and groups as follows:

Base DN: OU=MyBusiness,DC=XXXX,DC=XXXX

Additional User DN: OU=SBSUsers,OU=Users

Additional Group DN: OU=Security Groups

Suggest an answer

Log in or Sign up to answer
Atlassian Summit 2018

Meet the community IRL

Atlassian Summit is an excellent opportunity for in-person support, training, and networking.

Learn more
Community showcase
Published Friday in Hipchat

What should I think about when migrating HipChat to Slack?

...from the beginning. We have built up a lot of content in HipChat, with it being a core tool in our distributed company model. While it is true that we didn’t need to move to Slack immediately, we felt it...

142 views 1 9
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you