Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Unable to connect Confluence to Samba 4 Active Directory PDC

M_S_
M_S_
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
November 29, 2017

I am trying to connect Confluence (6.3) to an Active Directory Primary Domain Controller (PDC) provided by Samba 4 as a user directory.

This is a simple small office setup, but I am unable to get it to work. 

I selected 'Active Directory' provided a host name, did not select SSL (since no certificate would be in use) and provided a base dsn (dc=xxx,dc=lan).

The quick test is green, but the next test returns "LDAP: error code 1 - 00002020: Operation unavailable without authentication". I guess I need to also provide a user.

Also configuring an admin account results in the quick test failing with "LDAP: error code 8 - BindSimple: Transport encryption required". I could not find any info on this, other than an old JIRA ticket (JRASERVER-24106) recommending to use either SSL (not possible, results in SSLHandshakeException: java.security.cert.CertificateException: No name matching xxxx found) or reconfigure LDAP Server Signing Requirements in AD. 

Other than that, there is no info. Is something wrong with my setup or my AD/Samba 4? Is this normally supposed to work?

Answer
Watch
Like Be the first to like this
3105 views

1 answer

0 votes
AnnWorley
AnnWorley
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
June 25, 2018

Apparently Samba AD requires encryption:

Samba4 and sssd authentication not working due "Transport encryption required."

Samba now requires SSL/TLS for LDAP
binds. Once you have enabled TLS in sssd, everything should work. While
you can turn off the requirement in Samba, it's a bad idea, as it'll
result in unencrypted passwords being sent over the network.

Please see Configuring an SSL Connection to Active Directory

Basically, The Java supporting Confluence does not trust the SSL certificate served by AD. Importing the AD certificate into the Confluence Java truststore (usually distinct from the keystore served by Confluence and usually called "cacerts") located in your Java directory for example:

$JAVA_HOME/jre/lib/security/cacerts

SSL for Confluence is a free plugin that may expedite the process.

Thanks,

Ann

Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.