Directory users unable to login as 'Active Directory server' is not functional during authentication
プラットフォームについて: Server および Data Center のみ。この記事は、Server および Data Center プラットフォームのアトラシアン製品にのみ適用されます。
Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Fisheye および Crucible は除く
問題
Users are unable to login/authenticate successfully to the Hipchat Server from any client. From the web, they are redirected to a page that says:
"Something went wrong, please try again"
/var/log/atlassian-crowd.log
に次のメッセージが出力される。
2017-04-05 03:05:18,225 http-bio-8095-exec-23 INFO [hipchat.server.rest.HipChatCrowdAuthenticateResource] [Vmstijcw] Initiating authentication for user 'james.bond@atlassian.com'
2017-04-05 03:05:18,371 http-bio-8095-exec-23 ERROR [crowd.manager.application.ApplicationServiceGeneric] Directory 'Active Directory server' is not functional during authentication of 'jbond'. Skipped.
2017-04-05 03:05:18,372 http-bio-8095-exec-23 INFO [hipchat.server.rest.HipChatCrowdAuthenticateResource] [Vmstijcw] Authentication for 'james.bond@atlassian.com' failed. HTTP code: 403, XMPP error: not-authorized, message: null
atlassian-crowd.log captures information of directory synchronisation and user authentication. It is the go-to logs to troubleshoot such issue.
環境
Hipchat Server or Data Center connected to an Active Directory, LDAP, Jira, or Crowd server for user authentication.
原因
As indicated in the error in the logs, the external user directory server (in this case Active Directory) is not functional or is inaccessible during user authentication.
If you recently made changes to the IP address of your Hipchat Server, you can also potentially run into this issue.
ソリューション
- Ensure that external user directory server (e.g. Active Directory, Open LDAP, external Jira, external Crowd) is functional and Hipchat Server is able to connect to it successfully. This can be verified by:
- Running a
ping
test from the Hipchat Server to see if it can reach the external user directory server. - Running a telnet test from the Hipchat Server to verify it can connect to the directory server over the port it is listening on.
- Successfully logging in / authenticating directly to the external user directory server.
- Running a
- If you make the IP address change, make sure you add the updated hostname to the DNS server.