By 'admin account', we are referring to the account that was setup during the Confluence setup wizard.
If you have just integrated Confluence with LDAP or Active Directory, but find yourself not being able to login with this account but instead get a 'not permitted' screen: here's the explanation and fix:
Explanation
This is caused by there being an account on LDAP with the same username as your admin account. (so for example, your Confluence admin account is 'admin' and there's a user on LDAP that also has username 'admin').
Fix
- Shutdown Confluence
- Open confluence/WEB-INF/classes/atlassian-user.xml in a text editor and comment out the LDAP statements for now. For example:
<atlassian-user>
<repositories>
<osuser key="osuserRepository" name="OSUser Repository"/>
<!--
<ldap key="ldapRepository" name="LDAP Repository@hecate.atlassian.com" cache="true">
<host>hecate.atlassian.com</host>
<port>389</port>
<securityPrincipal>cn=admin,dc=atlassian,dc=private</securityPrincipal>
<securityCredential>secret</securityCredential>
<securityProtocol>plain</securityProtocol>
<securityAuthentication>simple</securityAuthentication>
<baseContext>dc=atlassian,dc=private</baseContext>
<baseUserNamespace>dc=staff,dc=perftest,dc=atlassian,dc=private</baseUserNamespace>
<baseGroupNamespace>dc=groups,dc=perftest,dc=atlassian,dc=private</baseGroupNamespace>
<usernameAttribute>cn</usernameAttribute>
<userSearchFilter>(objectClass=inetorgperson)</userSearchFilter>
<firstnameAttribute>givenname</firstnameAttribute>
<surnameAttribute>sn</surnameAttribute>
<emailAttribute>mail</emailAttribute>
<groupnameAttribute>cn</groupnameAttribute>
<groupSearchFilter>(objectClass=groupOfNames)</groupSearchFilter>
<membershipAttribute>member</membershipAttribute>
</ldap>
-->
<hibernate name="Hibernate Repository" key="hibernateRepository" description="Hibernate Repository" />
</repositories>
</atlassian-user>
Notice the <!-- and --> symbols added before and after the <ldap> tags.
- Start up Confluence. You should now be able to login with your admin account
- Create another admin account that has a different name to the one that exists in LDAP or Active Directory.
- Undo the changes you made to atlassian-user.xml and restart Confluence.
Alternative Fix
Alternatively, you can either rename or remove the admin account present on LDAP or Active Directory. But if this is not an option, stick to the fix above.
Cannot login with Confluence admin account
Comments (8)
Mar 27, 2007
Kirk Mook says:
I just imported a backup from a dbase which is Oracle and configured for ldap, t...I just imported a backup from a dbase which is Oracle and configured for ldap, to a test system with embedded database and no ldap. Now the admin account cannot login. The above fix is already implemented because there was not an ldap setting configured. Now what?
Apr 04, 2007
Agnes Ro says:
Ideally the Confluence instance you have imported the data into should also have...Ideally the Confluence instance you have imported the data into should also have ldap configuration. The admin account was probably sitting in your ldap and not Confluence, hence now unable to login. You can also create a support request at http://support.atlassian.com.
Jun 21, 2007
Stephan Nagy says:
I recently ran into this problem, and the solution was not as described. I...I recently ran into this problem, and the solution was not as described. I was getting the Not Permitted error message and my confluence admin user did not exist in LDAP. I ended up having to add the:
<osuser key="osuserRepository" name="OSUser Repository"/>
following the :
<hibernate name="Hibernate Repository" key="hibernateRepository" description="Hibernate Repository" />
I'm not sure if this is the right way to address this problem but it does seem to work.
Jun 25, 2007
Agnes Ro says:
It is important to have the osuser tag before the hibernate tag so that the new ...It is important to have the osuser tag before the hibernate tag so that the new admin user is created in the right user repository. If you have any problems, please open a support request.
Cheers,
Agnes.
Oct 24, 2007
Anonymous says:
I have a problem when try to logon any account of my computer. when i try to log...I have a problem when try to logon any account of my computer. when i try to logon administrator after sometimes it says that my directory file have some problem, and also shows a messege box saying having problem, and after sometimes the windows change to previous screen to choose a user account to logon.
Oct 28, 2007
Mei Yan Chan says:
Hi, It would be appreciated if you can raise a support request at http://suppo...Hi,
It would be appreciated if you can raise a support request at http://support.atlassian.com, so that we can further investigate this issue.
Thanks and Regards,
Mei
Jan 14, 2008
Anonymous says:
Stephan Nagy 's solution worked. Could not get David Loeng 's s...Stephan Nagy 's solution worked. Could not get David Loeng 's solution to work.
Feb 20, 2008
Rob Di Marco says:
I had the same problem. I am using a Standalone Confluence 2.7.0 backed by...I had the same problem. I am using a Standalone Confluence 2.7.0 backed by Hypersonic DB. On initial upgrade, everything worked fine. However, I needed to do another restart and that is where I hit this problem. I could not log in with the admin user, even after I went and reset the default password.
Adding the <osuser> tag solved the problem for me.
Add Comment