We recently upgraded our Octopus Server to 2019.9.10 LTS from version 2018.9.0.
After the upgrade, we were unable to use the feature “Sign in with a domain account”. We had no issues with this feature before our upgrade.
Any guidance or insight would be greatly appreciated.
Thank you,
Jacob
The error that we are getting in our logs is …
An exception was thrown while trying to establish a principal for the current request System.DirectoryServices.AccountManagement.PrincipalOperationException: An invalid dn syntax has been specified.
---> System.DirectoryServices.DirectoryServicesCOMException: An invalid dn syntax has been specified.
at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
at System.DirectoryServices.DirectoryEntry.Bind()
at System.DirectoryServices.DirectoryEntry.get_SchemaEntry()
at System.DirectoryServices.AccountManagement.ADStoreCtx.IsContainer(DirectoryEntry de)
at System.DirectoryServices.AccountManagement.ADStoreCtx..ctor(DirectoryEntry ctxBase, Boolean ownCtxBase, String username, String password, ContextOptions options)
at System.DirectoryServices.AccountManagement.PrincipalContext.CreateContextFromDirectoryEntry(DirectoryEntry entry)
at System.DirectoryServices.AccountManagement.PrincipalContext.DoLDAPDirectoryInit()
--- End of inner exception stack trace ---
at System.DirectoryServices.AccountManagement.PrincipalContext.DoLDAPDirectoryInit()
at System.DirectoryServices.AccountManagement.PrincipalContext.DoDomainInit()
at System.DirectoryServices.AccountManagement.PrincipalContext.Initialize()
at System.DirectoryServices.AccountManagement.PrincipalContext.get_QueryCtx()
at System.DirectoryServices.AccountManagement.Principal.FindByIdentityWithTypeHelper(PrincipalContext context, Type principalType, Nullable`1 identityType, String identityValue, DateTime refDate)
at System.DirectoryServices.AccountManagement.Principal.FindByIdentityWithType(PrincipalContext context, Type principalType, String identityValue)
at System.DirectoryServices.AccountManagement.UserPrincipal.FindByIdentity(PrincipalContext context, String identityValue)
at Octopus.Server.Extensibility.Authentication.DirectoryServices.DirectoryServices.DirectoryServicesService.FindByIdentity(String username)
at Octopus.Server.Extensibility.Authentication.DirectoryServices.DirectoryServices.DirectoryServicesCredentialValidator.GetOrCreateUser(String username, CancellationToken cancellationToken)
at Octopus.Server.Extensibility.Authentication.DirectoryServices.DirectoryServices.DirectoryServicesUserCreationFromPrincipal.GetOrCreateUser(IPrincipal principal, CancellationToken cancellationToken)
at System.Linq.Enumerable.WhereSelectArrayIterator`2.MoveNext()
at System.Linq.Enumerable.FirstOrDefault[TSource](IEnumerable`1 source, Func`2 predicate)
at Octopus.Server.Web.Infrastructure.Authentication.ExternalPrincipalRequestAuthenticator.TryAuthenticateRequest(NancyContext context) in C:\buildAgent\work\abb2fbfce959a439\source\Octopus.Server\Web\Infrastructure\Authentication\ExternalPrincipalRequestAuthenticator.cs:line 41
at System.Linq.Enumerable.WhereSelectArrayIterator`2.MoveNext()
at System.Linq.Enumerable.FirstOrDefault[TSource](IEnumerable`1 source, Func`2 predicate)
at Octopus.Server.Web.Infrastructure.Authentication.UserAuthenticator.AuthenticateRequest(NancyContext context) in C:\buildAgent\work\abb2fbfce959a439\source\Octopus.Server\Web\Infrastructure\Authentication\UserAuthenticator.cs:line 41
My configuration - (note I have used the powershell script to verify I can query my AD domain)