This documentation relates to an earlier version of the SharePoint Connector.
View

Unknown macro: {spacejump}

or visit the current documentation home.

What versions of Active Directory are supported as part of the SSO configuration? AD 2000 / 2003?

The SharePoint Connector has been developed and tested with ActiveDirectory 2003, but Actitive Directory 2000 should work also. If you find any incompatiblities, then please let us know.

Is SSO handled through an open source module?

When a user access SharePoint they are authenticated using Windows Integrated Security which could be using NTLM, Kerberos or something else. When a user access Confluence using Internet Explorer they are authenticated using NTLM if it is available. If NTLM is unavailable because of using a different browser or operating system Confluence will prompt for a user name / password. The credentials will then be checked against Active Directory.

What is the support policy for the Confluence NTLM Authenticator - the plugin which Confluence uses to authenticate users with NTLM?

The Confluence NTLM authenticator is a third-party contribution and is not currently supported by Atlassian. See Planning your Environment with SP 2007 for supported configurations.

What is the support policy?

The SharePoint Connector for Confluence is supported by Atlassian. If you have questions or issues, please file them in the Confluence project on http://support.atlassian.com. The SharePoint Connector forum will also remain active, and can be a valuable resource for getting help with the Connector.

Does NTLM authentication work today?

Yes. See Supported NTLM Authentication with the SharePoint Connector for more information.

I've heard about performance issues with the Confluence NTLM authenticator. Where can I track the progress being made against those issues?

This issue can be tracked here

What is the roadmap for single sign-on with respect to AD and MOSS?

Currently the SharePoint Connector is developed and tested using ActiveDirectory 2003 and MOSS 2007. No other versions of those products have been tested so far. Some features of the SharePoint connector also work with WSS.

When is Kerberos going to be supported as a SSO method?

There are no plans to support kerberos at this time. It is a possibility for the future.

Why won't my web part show any data?

There are several potential reasons why you cannot see data.

  • The SharePoint server needs access to the Confluence server. Therefore Confluence must be running and the Confluence Settings page must have the appropriate URL to Confluence.
  • In order for SharePoint to show Confluence content, it needs to use the Confluence SOAP Permission Checker Plugin to communicate. Go to the Plugin Manager to ensure it is installed and enabled. You can download it from the Plugin Repository.
  • If you are not using SSO, the logged in user account in SharePoint must exist as an account within Confluence. Therefore, if your Active Directory account used by SharePoint is MY_DOMAIN\my_user_name, then a Confluence account named my_user_name must exist in Confluence (or Confluence must be tied to Active Directory) and that user must have read access to the space/page you are trying to display in SharePoint.

Why do I have to log in to Confluence when clicking a Confluence link from SharePoint within a web part provided by the SharePoint Connector for Confluence?

If you are not using Single Sign-on (SSO) and SharePoint is using Windows Integrated Security while Confluence is using Forms Based Authentication, this will always occur unless you have Confluence "remember my login on this computer". If you are using SSO this can be prevented by following the recommended browser settings.

Why do my images within the Confluence Page web part show as broken images?

See Images Are Broken in the Confluence Page Web Part in SharePoint.

When I click on a link to Confluence from a SharePoint web part, the link takes me to a page that does not exist.

Assuming the page really does exist, a likely problem is that the Server Base Url is not specified properly on the General Configuration administration page within Confluence. For exaxmple, if Confluence is not configured at the root of the domain (e.g., http://confluence.mycompany.com/confluence instead of http://www.mycompany.com) the Server Base Url needs to reflect that or links in web parts will have the incorrect values.

Is SSL supported?

Yes.
The SharePoint features (web parts, search) can access Confluence if it is running under SSL.
To learn more about this and how to configure SSL, see Secure Sockets Layer (SSL) Configuration.

The SharePoint plugin within Confluence also supports SSL on SharePoint. You need only configure your container to connect to SSL services. In most cases this just involves adding the SSL certificate from the SharePoint server to the keystore maintained by your Java VM and then specifying http*s*://yourserver as the way to reach your SharePoint server in the plugin's configuration.

Why am I sometimes getting login failed in the SharePoint "Confluence Settings" or on my Confluence Page web parts?

If you are not using the SSO option, you must specify a Confluence administrative username and password in the Confluence Settings page within SharePoint. The password is encrypted using a key specified in the <machinekey> setting in the web.config file for each Web Front End (WFE) within your SharePoint farm. SharePoint tries to make sure that the machine key is identical for each WFE, but if they are not, you will get the following error:

com.atlassian.confluence.rpc.AuthenticationFailedException: Attempt to login user '<administrative user account>' failed - incorrect password.

If this problem occurs, make sure all WFEs have the same machine key and do an IISRESET on each WFE for any that you change. You may then have to re-save the administrative password on the Confluence Settings page if the machine key you decided to use on each WFE does not match the machine key used to save the password in the first place.

I cannot successfully execute "Update SharePoint Config Settings" when testing the configuration from Confluence to SharePoint ("SharePoint Admin" screen). What could be the problem?

This problem recently occurred and did not present an obvious solution. The problem was resolved by resetting the default security template on the SharePoint server (see Method 1 as listed under http://support.microsoft.com/kb/903071).

Here are some others things to review if the default security template does not turn out to be the issue.

  • Check all items listed in the SharePoint Plugin Configuration Troubleshooting page
  • Make sure IIS Directory Security for the SharePoint web application is set to Windows Authentication
  • SharePoint Central Administration is set to NTLM and not Negotiate/Kerberos
  • Check Local Security Policy (Group policy) to make sure both the client/server are using consistent NTLM/LM formats
    see "Network security: LAN Manager authentication level" under Security Options

I just changed the theme of my space in Confluence, but it isn't reflected in the Confluence Page web parts. Why is that?

The CSS for a space is cached by SharePoint. The cache is set to expire after one hour. The new theme should be reflected in Confluence Page web parts within an hour of the change. Performing an IISRESET on SharePoint server(s) is currently the only way to expedite the process.

I just set the Confluence space and Page information for the Confluence Page web part, but the web part title is not showing up correctly. Why is that?

The configured Confluence service user does not have permission to access the page. Make sure the service user (set in the 'Confluence Settings' screen for the current SharePoint website) has appropriate permissions in Confluence.

I am authenticating users in Confluence with Active Directory and I have "authorized" users in the "Domain Users" Active Directory group to be able to access/participate in a specific Confluence space. However, the members of "Domain Users" do not appear to have access. Why is this?

This appears to be a bug with Confluence integration with Active Directory. CSI-206 in Jira captures the issue. To work around the issue, try placing the "authorized" users in an Active Domain group that does not contain spaces in the name (ex: Confluence).

Do the servers need to be on the same network Subnet? Any requirements as far as domain names or computer names?

The servers can be on different network subnets (with the following exceptions in effect - based on the environments we have tested)

  • For Active Directory integration with NTLM to work properly, both the Confluence server and the SharePoint server should be part of the same domain
  • If Active Directory is not used as a Confluence user repository, then the suggestion would be to use the Microsoft Single Sign-on Service (option "Using the internal Confluence user store" as defined in http://confluence.atlassian.com/display/CONFEXT/Authentication+Configuration)

Does the screen always have the Sharepoint / Confluence tabs at the top so users can navigate back and forth? What happens in a user changes the theme on a space? Does that affect navigation back and forth?

The 2.7/2.8 SharePoint decorators are used to add the "SharePoint" link to the top left corner.
If the user changes the theme to something other than the 2.7/2.8 SharePoint decorator, the "SharePoint" link will be removed, but navigation between Confluence/SharePoint environments will not be affected.

Is single sign on available as web based (ie cookie or token oriented) or is it only NTLM? If only NTLM what about Mac users or Firefox?

Does it change anything about group management? If I need to add a user to a group, do I have to do it in both systems?

It depends...

    • If Active Directory is used for both products, then you may need to add an Active Directory user to Confluence/Confluence space. If you have an Active Directory domain group (with no spaces in the name - see Jira Item # ?) that contains all users that will access Confluence, you can assign the group once to Confluence and again once per space.
    • If Active Directory is used for SharePoint only and Confluence is using a separate user repository, then yes, you will need to configure a user independently in both products.

Do space permissions have any overlap or combined functionality with Sharepoint permissions?

There really is no overlap. We have implemented permission checking from both sides (Confluence to SharePoint; SharePoint to Confluence) to help control a specific user from having inappropriate access to something.

Which system's user profile information will be used?

User profile will come from Active Directory (if used for either system). SharePoint will typically be configured to use Active Directory. If Confluence is configured to use another user repository, then Confluence will show user profile information from the respective user repository and SharePoint will show user profile information from Active Directory. Other than the above, the Confluence profile is not connected to the SharePoint profile.

Other resources

See the General FAQ on the Atlassian website, and the User Forums for the SharePoint Connector for Confluence.

  • No labels



Log a request with our support team.



Raise an issue for our developers.



See answers from the community.



Tweet, blog and update our documentation.

Except where otherwise noted, content in this space is licensed under a Creative Commons Attribution 2.5 Australia License.