Unable to find the username of the principal

症状

The following appears in the atlassian-stash.log and LDAP Directory synchronization fails: 

2013-05-02 19:05:03,158 INFO  [scheduler_Worker-7]  c.a.c.d.DbCachingRemoteDirectory synchronisation for directory [ 425985 ] starting
2013-05-02 19:05:03,161 ERROR [scheduler_Worker-7]  c.a.c.d.l.m.e.LDAPUserAttributesMapper The following record does not have a username: {mail=mail: user.0@maildomain.net, givenname=givenName: sultan, sn=sn: sultan, cn=cn: sultan}
2013-05-02 19:05:03,161 INFO  [scheduler_Worker-7]  c.a.c.d.DbCachingRemoteDirectory failed synchronisation complete for directory [ 425985 ] in [ 3ms ]
2013-05-02 19:05:03,191 ERROR [scheduler_Worker-7]  c.a.c.d.DbCachingDirectoryPoller Error occurred while refreshing the cache for directory [ 425985 ].
com.atlassian.crowd.exception.OperationFailedException: org.springframework.ldap.UncategorizedLdapException: Unable to find the username of the principal.
	at com.atlassian.crowd.directory.SpringLDAPConnector.searchEntitiesWithRequestControls(SpringLDAPConnector.java:439) ~[crowd-ldap-2.6.2-m4.jar:na]
	at com.atlassian.crowd.directory.SpringLDAPConnector.searchEntities(SpringLDAPConnector.java:407) ~[crowd-ldap-2.6.2-m4.jar:na]
	at com.atlassian.crowd.directory.SpringLDAPConnector.searchUserObjects(SpringLDAPConnector.java:597) ~[crowd-ldap-2.6.2-m4.jar:na]
	at com.atlassian.crowd.directory.SpringLDAPConnector.searchUsers(SpringLDAPConnector.java:963) ~[crowd-ldap-2.6.2-m4.jar:na]

診断

Compare the user's LDIF with the Directory Configuration Summary and look for the attribute "ldap.user.username". The error occurs when there is a mismatch between the users LDIF settings and the directory settings.  


原因

If the user name attribute set in LDAP Directory setting is different from the user name attribute in LDAP schema, Stash won't be able to find the username for the user in LDAP. This results  in "unable to find the username of the principal" error.  

ソリューション 1

Update the User name attribute to match the LDAP schema

  1. Go to User Directories and Edit the directory >> User Schema Settings >> User name Attribute
  2. Update the attribute to match the username attribute in User's LDIF schema (Eg: cn, uid, sAMAccountName) 

(info) Another resolution is to update the settings in LDAP server to match the settings in Stash.

ソリューション 2

Edit the filter to refine the search

  1. User Directories and Edit the directory >> User Schema Settings >> User Object Filter に移動します。
  2. Update the attribute to the filter used when searching user objects. Example: (&(objectclass=posixAccount)(uid=*))
    (info) This filter will only search for the users who belongs to the objectclass posixAccount with a valid uid.

Last modified on Mar 30, 2016

この内容はお役に立ちましたか?

はい
いいえ
この記事についてのフィードバックを送信する
Powered by Confluence and Scroll Viewport.