Active Directory Authentication

Hi,

I am trying to configure Octopus to allow login using Active Directory (Windows Authentication is installed under the Roles in Server Manager FYI).

When I run the commands to set the webauthenticationdomain or the admin, I get the following:

C:\Windows\system32>Octopus.Server.exe configure --webAuthenticationDomain=MYDOMAIN
Octopus Deploy: Server version 2.6.3.886

-------------------------------------------------------------------------------
Error: Unrecognized command line arguments: --webAuthenticationDomain=MYDOMAIN
-------------------------------------------------------------------------------
Full error details are available in the log files.
See: http://g.octopushq.com/LogFiles

C:\Windows\system32>Octopus.Server.exe admin --username=myuser
Octopus Deploy: Server version 2.6.3.886

Creating or modifying administrator 'myuser'
You can browse the RavenDB server at: http://localhost:10931/
The database is up to date.
-------------------------------------------------------------------------------
Error: The server could not be contacted.
-------------------------------------------------------------------------------
Full error details are available in the log files.
See: http://g.octopushq.com/LogFiles

When I check the error logs, I see:

2015-04-10 17:20:31.6244      7  WARN  An exception was thrown while trying to establish a principal for the current request
System.DirectoryServices.AccountManagement.PrincipalServerDownException: The server could not be contacted. ---> System.DirectoryServices.Protocols.LdapException: The LDAP server is unavailable.
   at System.DirectoryServices.Protocols.LdapConnection.Connect()
   at System.DirectoryServices.Protocols.LdapConnection.SendRequestHelper(DirectoryRequest request, Int32& messageID)
   at System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request, TimeSpan requestTimeout)
   at System.DirectoryServices.AccountManagement.PrincipalContext.ReadServerConfig(String serverName, ServerProperties& properties)
   --- End of inner exception stack trace ---
   at System.DirectoryServices.AccountManagement.PrincipalContext.ReadServerConfig(String serverName, ServerProperties& properties)
   at System.DirectoryServices.AccountManagement.PrincipalContext.DoServerVerifyAndPropRetrieval()
   at System.DirectoryServices.AccountManagement.PrincipalContext..ctor(ContextType contextType, String name, String container, ContextOptions options, String userName, String password)
   at System.DirectoryServices.AccountManagement.PrincipalContext..ctor(ContextType contextType, String name, String container)
   at Octopus.Server.Web.Infrastructure.Authentication.ActiveDirectoryMembership.GetOrCreateUser(String username, Boolean& wasCreated) in y:\work\refs\heads\master\source\Octopus.Server\Web\Infrastructure\Authentication\ActiveDirectoryMembership.cs:line 210
   at Octopus.Server.Web.Infrastructure.Authentication.ActiveDirectoryMembership.GetOrCreateUser(String username) in y:\work\refs\heads\master\source\Octopus.Server\Web\Infrastructure\Authentication\ActiveDirectoryMembership.cs:line 200
   at Octopus.Server.Web.Infrastructure.Authentication.OctopusPrincipalEstablisher.GetPresentedUserIdentity(NancyContext context) in y:\work\refs\heads\master\source\Octopus.Server\Web\Infrastructure\Authentication\OctopusPrincipalEstablisher.cs:line 97
   at Octopus.Server.Web.Infrastructure.Authentication.OctopusPrincipalEstablisher.EstablishPrincipalForRequest(NancyContext context) in y:\work\refs\heads\master\source\Octopus.Server\Web\Infrastructure\Authentication\OctopusPrincipalEstablisher.cs:line 43
2015-04-10 17:20:39.6896      8 ERROR  Unhandled error on request: http://OCTOPUSSERVERURL:PORT/api/users/login by <anonymous> : The server could not be contacted.
System.DirectoryServices.AccountManagement.PrincipalServerDownException: The server could not be contacted. ---> System.DirectoryServices.Protocols.LdapException: The LDAP server is unavailable.
   at System.DirectoryServices.Protocols.LdapConnection.Connect()
   at System.DirectoryServices.Protocols.LdapConnection.SendRequestHelper(DirectoryRequest request, Int32& messageID)
   at System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request, TimeSpan requestTimeout)
   at System.DirectoryServices.AccountManagement.PrincipalContext.ReadServerConfig(String serverName, ServerProperties& properties)
   --- End of inner exception stack trace ---
   at System.DirectoryServices.AccountManagement.PrincipalContext.ReadServerConfig(String serverName, ServerProperties& properties)
   at System.DirectoryServices.AccountManagement.PrincipalContext.DoServerVerifyAndPropRetrieval()
   at System.DirectoryServices.AccountManagement.PrincipalContext..ctor(ContextType contextType, String name, String container, ContextOptions options, String userName, String password)
   at System.DirectoryServices.AccountManagement.PrincipalContext..ctor(ContextType contextType, String name, String container)
   at Octopus.Server.Web.Infrastructure.Authentication.ActiveDirectoryMembership.ValidateCredentials(String username, String password) in y:\work\refs\heads\master\source\Octopus.Server\Web\Infrastructure\Authentication\ActiveDirectoryMembership.cs:line 44
   at Octopus.Server.Web.Api.Actions.UserLoginAction.Execute() in y:\work\refs\heads\master\source\Octopus.Server\Web\Api\Actions\UserLoginAction.cs:line 39
   at Octopus.Platform.Web.Api.Responder`1.Respond(TDescriptor options, NancyContext context) in y:\work\refs\heads\master\source\Octopus.Platform.Web\Api\Responder.cs:line 163
   at System.Dynamic.UpdateDelegates.UpdateAndExecute3[T0,T1,T2,TRet](CallSite site, T0 arg0, T1 arg1, T2 arg2)
   at CallSite.Target(Closure , CallSite , Object , Object , NancyContext )
   at Octopus.Server.Web.Api.OctopusRestApiModule.<>c__DisplayClass5.<.ctor>b__2(Object o) in y:\work\refs\heads\master\source\Octopus.Server\Web\Api\OctopusRestApiModule.cs:line 47
   at CallSite.Target(Closure , CallSite , Func`2 , Object )
   at Nancy.Routing.Route.<>c__DisplayClass4.<Wrap>b__3(Object parameters, CancellationToken context)
2015-04-10 17:20:39.6896      7 ERROR  Unhandled error on request: http://OCTOPUSSERVERURL:PORT/api/users/login by <anonymous> : The server could not be contacted.
System.DirectoryServices.AccountManagement.PrincipalServerDownException: The server could not be contacted. ---> System.DirectoryServices.Protocols.LdapException: The LDAP server is unavailable.
   at System.DirectoryServices.Protocols.LdapConnection.Connect()
   at System.DirectoryServices.Protocols.LdapConnection.SendRequestHelper(DirectoryRequest request, Int32& messageID)
   at System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request, TimeSpan requestTimeout)
   at System.DirectoryServices.AccountManagement.PrincipalContext.ReadServerConfig(String serverName, ServerProperties& properties)
   --- End of inner exception stack trace ---
   at System.DirectoryServices.AccountManagement.PrincipalContext.ReadServerConfig(String serverName, ServerProperties& properties)
   at System.DirectoryServices.AccountManagement.PrincipalContext.DoServerVerifyAndPropRetrieval()
   at System.DirectoryServices.AccountManagement.PrincipalContext..ctor(ContextType contextType, String name, String container, ContextOptions options, String userName, String password)
   at System.DirectoryServices.AccountManagement.PrincipalContext..ctor(ContextType contextType, String name, String container)
   at Octopus.Server.Web.Infrastructure.Authentication.ActiveDirectoryMembership.ValidateCredentials(String username, String password) in y:\work\refs\heads\master\source\Octopus.Server\Web\Infrastructure\Authentication\ActiveDirectoryMembership.cs:line 44
   at Octopus.Server.Web.Api.Actions.UserLoginAction.Execute() in y:\work\refs\heads\master\source\Octopus.Server\Web\Api\Actions\UserLoginAction.cs:line 39
   at Octopus.Platform.Web.Api.Responder`1.Respond(TDescriptor options, NancyContext context) in y:\work\refs\heads\master\source\Octopus.Platform.Web\Api\Responder.cs:line 163
   at System.Dynamic.UpdateDelegates.UpdateAndExecute3[T0,T1,T2,TRet](CallSite site, T0 arg0, T1 arg1, T2 arg2)
   at CallSite.Target(Closure , CallSite , Object , Object , NancyContext )
   at Octopus.Server.Web.Api.OctopusRestApiModule.<>c__DisplayClass5.<.ctor>b__2(Object o) in y:\work\refs\heads\master\source\Octopus.Server\Web\Api\OctopusRestApiModule.cs:line 47
   at CallSite.Target(Closure , CallSite , Func`2 , Object )
   at Nancy.Routing.Route.<>c__DisplayClass4.<Wrap>b__3(Object parameters, CancellationToken context)
2015-04-10 17:20:45.7268      8  WARN  An exception was thrown while trying to establish a principal for the current request
System.DirectoryServices.AccountManagement.PrincipalServerDownException: The server could not be contacted. ---> System.DirectoryServices.Protocols.LdapException: The LDAP server is unavailable.
   at System.DirectoryServices.Protocols.LdapConnection.Connect()
   at System.DirectoryServices.Protocols.LdapConnection.SendRequestHelper(DirectoryRequest request, Int32& messageID)
   at System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request, TimeSpan requestTimeout)
   at System.DirectoryServices.AccountManagement.PrincipalContext.ReadServerConfig(String serverName, ServerProperties& properties)
   --- End of inner exception stack trace ---
   at System.DirectoryServices.AccountManagement.PrincipalContext.ReadServerConfig(String serverName, ServerProperties& properties)
   at System.DirectoryServices.AccountManagement.PrincipalContext.DoServerVerifyAndPropRetrieval()
   at System.DirectoryServices.AccountManagement.PrincipalContext..ctor(ContextType contextType, String name, String container, ContextOptions options, String userName, String password)
   at System.DirectoryServices.AccountManagement.PrincipalContext..ctor(ContextType contextType, String name, String container)
   at Octopus.Server.Web.Infrastructure.Authentication.ActiveDirectoryMembership.GetOrCreateUser(String username, Boolean& wasCreated) in y:\work\refs\heads\master\source\Octopus.Server\Web\Infrastructure\Authentication\ActiveDirectoryMembership.cs:line 210
   at Octopus.Server.Web.Infrastructure.Authentication.ActiveDirectoryMembership.GetOrCreateUser(String username) in y:\work\refs\heads\master\source\Octopus.Server\Web\Infrastructure\Authentication\ActiveDirectoryMembership.cs:line 200
   at Octopus.Server.Web.Infrastructure.Authentication.OctopusPrincipalEstablisher.GetPresentedUserIdentity(NancyContext context) in y:\work\refs\heads\master\source\Octopus.Server\Web\Infrastructure\Authentication\OctopusPrincipalEstablisher.cs:line 97
   at Octopus.Server.Web.Infrastructure.Authentication.OctopusPrincipalEstablisher.EstablishPrincipalForRequest(NancyContext context) in y:\work\refs\heads\master\source\Octopus.Server\Web\Infrastructure\Authentication\OctopusPrincipalEstablisher.cs:line 43

My user is a user account that is set up directly on the server in question, and Octopus is also installed on the same server.

Any ideas?

Hi Michael,

Thanks for reaching out. When you say “the user account is set up directly on the server”, you mean it is a local account and not an Active Directory account? If that is the case then it won’t work, as we don’t support local accounts.

Let me know if that’s not the case.

Thanks

Dalmiro
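
An added diagnostic, not part of the original thread and not Octopus Deploy's own code: it checks the points the reply raises (local versus Active Directory account) and opens a domain `PrincipalContext`, the call that throws `PrincipalServerDownException` in the stack trace above. `MYDOMAIN` and `myuser` are the placeholders from the post; the function name `Test-AdLoginPrerequisite` is hypothetical.

```powershell
# Added example. Run on the Octopus server; Domain/UserName are the post's placeholders.
param(
    [string]$Domain   = 'MYDOMAIN',
    [string]$UserName = 'myuser'
)

Add-Type -AssemblyName System.DirectoryServices.AccountManagement

function Test-AdLoginPrerequisite {
    param([string]$Domain, [string]$UserName)

    $result = [ordered]@{
        ComputerInDomain = $false   # server is joined to a domain
        LocalAccount     = $false   # a local (SAM) account with this name exists
        DomainReachable  = $false   # a domain controller answered
        DomainAccount    = $false   # the name resolves to an AD user
        Error            = $null
    }

    # 1. Is this server joined to a domain at all?
    $cs = Get-CimInstance -ClassName Win32_ComputerSystem
    $result.ComputerInDomain = [bool]$cs.PartOfDomain

    # 2. Does a local account with this name exist on the server?
    $filter = "LocalAccount=True AND Name='$UserName'"
    $result.LocalAccount = [bool](Get-CimInstance -ClassName Win32_UserAccount -Filter $filter)

    # 3. Open a domain context and look the user up in the directory.
    $ctxType = [System.DirectoryServices.AccountManagement.ContextType]::Domain
    try {
        $ctx = New-Object -TypeName System.DirectoryServices.AccountManagement.PrincipalContext `
                          -ArgumentList $ctxType, $Domain
        $result.DomainReachable = $true
        $user = [System.DirectoryServices.AccountManagement.UserPrincipal]::FindByIdentity($ctx, $UserName)
        $result.DomainAccount = ($null -ne $user)
        $ctx.Dispose()
    }
    catch {
        # "The server could not be contacted." lands here when no domain controller answers.
        $result.Error = $_.Exception.GetBaseException().Message
    }

    [pscustomobject]$result
}

Test-AdLoginPrerequisite -Domain $Domain -UserName $UserName
```

`LocalAccount = True` together with `DomainAccount = False` or a populated `Error` matches the situation described in the reply: the account exists only on the server, so a directory lookup cannot find it.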