Hello colleagues!
I'm trying to set up an LDAP auth with internal user directory. The problem ist the certificate, that we use in our company. The name of the host, that this cert contains, does not match the name of the AD-Server. Logically is, that all connection tests fail. I've found this workaround for Confluence: https://jira.atlassian.com/browse/CONF-26049, but it just won't work for me because I just can not save the configuration of the directory in the database... I'm running the vicious circle. :)
Is there any workaround to disable the check?
Hey Nick,
You can create the directory using non-ssl connection and then later edit it directly on the database at the table cwd_directory_attribute.
Just need to change the ldap.url (e.g. ldaps://example.com:636) and apply the workaround of this ticket: https://jira.atlassian.com/browse/CONF-26049
Cheers
Hi all!
We've solved the problem locally: https://support.atlassian.com/browse/JSP-169922
Just read my last post and have a good laugh :D.
Cheers
Nick
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Tiago,
I've delegated the Question to the Atlassian Support Team. Hope the guys can help. I'll inform you here about any progress in this case.
I've already thought about the differences between the two connectors, and thought about playing around with two Jiras: one with direct AD-connection and one with delegated auth, just to compare two differend DBs and find out how I could "hack" it, but there should be a much more elegant way to set up a connection :D.
Best regards
Nick
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Tiago,
thanks for the reply! This worked perfectly for the "pure" Active Directory server. (One step closer to our goal!) I'm trying to set up an LDAP-Server with delegated Authentication, so could you tell me what should I edit in cwd_directory and cwd_directory_attribute to turn "com.atlassian.crowd.directory.MicrosoftActiveDirectory" into LDAP with delegated auth? Shouldn't be very complicated... Thanks a lot!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Nick, it's good to know that there was improvement :)
So if I undertood it right, you've created an LDAP directory of type connector, but you want the delegated one.
If this is it, wouldn't be possibly for you create the delegated via UI using non-ssl and edit the database after this to make it connect through ssl?
I'm asking because turn the connector into delegated via database seems more complicated to me than doing it via user interface.
Cheers
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.