Getting 'Exception when Adding LDAP group' For User Authentication Only
Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.
Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Symptoms
Confluence is configured to use local groups, as described in Add LDAP Integration For User Authentication Only. LDAP users can login, but exceptions appear in the atlassian-confluence.log:
1
2
3
2011-02-07 09:21:44,826 ERROR \[http-8081-1] \[bucket.user.DefaultUserAccessor] hasMembership Exception when retrieving LDAP group confluence-administrators (base DN: ou=atlassian,dc=admin,dc=atlassian,dc=com, filter: (&(cn=confluence-administrators)(objectClass=dummy)))
-- referer: http://localhost:8081/conf333/login.action?os_destination=%2Fdashboard.action | url: /conf333/dashboard.action | userName: Administrator
Cause
Confluence expects to retrieve a valid DN for baseGroupNamespace but the DN is non existent.
Resolution
Despite that Confluence is configured to have User Authentication only (see Add LDAP Integration For User Authentication Only), it still requires a valid baseGroupNamespace DN.
On a separate note, because Confluence performs groups searches quite frequently it is important to configure the baseGroupNameSpace to a valid DN without many child nodes (eg. an individual user DN). Failure to do so will drag Confluence performance.
Was this helpful?