Unable to find the username of the principal

Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.

Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Symptoms

The following appears in the atlassian-bitbucket.log and LDAP Directory synchronization fails:

2013-05-02 19:05:03,158 INFO [scheduler_Worker-7] c.a.c.d.DbCachingRemoteDirectory synchronisation for directory [ 425985 ] starting
2013-05-02 19:05:03,161 ERROR [scheduler_Worker-7] c.a.c.d.l.m.e.LDAPUserAttributesMapper The following record does not have a username: {mail=mail: user.0@maildomain.net, givenname=givenName: sultan, sn=sn: sultan, cn=cn: sultan}
2013-05-02 19:05:03,161 INFO [scheduler_Worker-7] c.a.c.d.DbCachingRemoteDirectory failed synchronisation complete for directory [ 425985 ] in [ 3ms ]
2013-05-02 19:05:03,191 ERROR [scheduler_Worker-7] c.a.c.d.DbCachingDirectoryPoller Error occurred while refreshing the cache for directory [ 425985 ].
com.atlassian.crowd.exception.OperationFailedException: org.springframework.ldap.UncategorizedLdapException: Unable to find the username of the principal.
    at com.atlassian.crowd.directory.SpringLDAPConnector.searchEntitiesWithRequestControls(SpringLDAPConnector.java:439) ~[crowd-ldap-2.6.2-m4.jar:na]
    at com.atlassian.crowd.directory.SpringLDAPConnector.searchEntities(SpringLDAPConnector.java:407) ~[crowd-ldap-2.6.2-m4.jar:na]
    at com.atlassian.crowd.directory.SpringLDAPConnector.searchUserObjects(SpringLDAPConnector.java:597) ~[crowd-ldap-2.6.2-m4.jar:na]
    at com.atlassian.crowd.directory.SpringLDAPConnector.searchUsers(SpringLDAPConnector.java:963) ~[crowd-ldap-2.6.2-m4.jar:na]

Diagnosis

Compare the user's LDIF with the Directory Configuration Summary and look for the attribute "ldap.user.username". The error occurs when there is a mismatch between the user's LDIF settings and the directory settings.

Cause

If the user name attribute set in the LDAP directory settings is different from the user name attribute in the LDAP schema, Bitbucket Server won't be able to find the username for the user in LDAP. This results in the "unable to find the username of the principal" error.

Resolution 1

Update the User name attribute to match the LDAP schema

  1. Go to User Directories and Edit the directory >> User Schema Settings >> User name Attribute
  2. Update the attribute to match the username attribute in the user's LDIF schema (e.g. cn, uid, sAMAccountName)

ℹ️ Another resolution is to update the settings in the LDAP server to match the settings in Bitbucket Server.

Resolution 2

Edit the filter to refine the search

  1. Go to User Directories and Edit the directory >> User Schema Settings >> User Object Filter

  2. Update the attribute to the filter used when searching user objects. Example: (&(objectclass=posixAccount)(uid=*))

    ℹ️ This filter will only search for users who belong to the objectclass posixAccount with a valid uid.
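The comparison from the Diagnosis section and the filter from Resolution 2, as an added example that is not part of the original article or Atlassian's code: a small Python check over an LDIF export that lists the entries lacking a given user name attribute and evaluates the example filter against each entry. The sample LDIF, its DNs and the function names are constructed for illustration.

```python
# Added example: check an LDIF export against the configured ldap.user.username.
# SAMPLE_LDIF is constructed; its first entry mirrors the record in the log above.
SAMPLE_LDIF = """\
dn: cn=sultan,ou=people,dc=example,dc=net
objectClass: inetOrgPerson
cn: sultan
sn: sultan
givenName: sultan
mail: user.0@maildomain.net

dn: uid=jdoe,ou=people,dc=example,dc=net
objectClass: posixAccount
uid: jdoe
cn: John Doe
sn: Doe
"""

def parse_ldif(text):
    """Return one {attribute_lowercase: [values]} dict per LDIF entry."""
    unfolded = text.replace("\r\n", "\n").replace("\n ", "")  # undo RFC 2849 line folding
    entries = []
    for block in unfolded.split("\n\n"):
        entry = {}
        for line in block.splitlines():
            if not line or line.startswith("#") or ":" not in line:
                continue
            name, _, value = line.partition(":")
            # "::" (base64) and ":<" (URL) values are kept undecoded; only presence matters
            entry.setdefault(name.strip().lower(), []).append(value.lstrip(":< ").strip())
        if "dn" in entry:  # skips the optional "version: 1" header block
            entries.append(entry)
    return entries

def missing_username(entries, username_attr):
    """DNs of entries that lack a value for the configured user name attribute."""
    attr = username_attr.lower()  # LDAP attribute names are case-insensitive
    return [e["dn"][0] for e in entries if not any(e.get(attr, []))]

def matches_posix_uid_filter(entry):
    """Evaluate the article's filter (&(objectclass=posixAccount)(uid=*)) on one entry."""
    classes = {c.lower() for c in entry.get("objectclass", [])}
    return "posixaccount" in classes and any(entry.get("uid", []))

if __name__ == "__main__":
    entries = parse_ldif(SAMPLE_LDIF)
    for attr in ("cn", "uid", "sAMAccountName"):
        print(attr, "missing on:", missing_username(entries, attr))
    print("kept by filter:", [e["dn"][0] for e in entries if matches_posix_uid_filter(e)])
```

An attribute that is reported missing on any entry inside the search scope will reproduce the error if it is used as the User name Attribute, unless the User Object Filter excludes those entries.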

Updated on April 8, 2025