AD auth doesn't work when in a container

(Chris Darais) #1

I can’t get AD to work when I have Octopus Deploy set up using a container. Is there something special I need to do for this?

(Lawrence Wilson) #3

Hi Chris,
Thanks for getting in touch! I’m sorry to hear you are seeing problems setting up AD in Octopus.

Are you referring to the container section under Active Directory Container?

When setting a container here, you need to ensure that the container value is an LDAP Path to a container (Organizational Unit, or Built-in Folder) and not a Group. (For example, CN=Users, DC=acme, DC=local)

Setting an Active Directory Container here means that your Octopus Server will look no further than inside this OU/folder when searching for Users in the directory.

A possible reason for setting a container here is if an Organization wants to make sure that no Users that live outside that OU can be added into Octopus from Active Directory.

You can troubleshoot this problem more directly using our PowerShell script found in our documentation on Troubleshooting AD Integration.

In our troubleshooting script, we have commented out the section that directly relates to AD Container. You can uncomment #, "CN=Users, DC=acme, DC=local" to ensure that your PowerShell script follows the exact same logic as if you wrote CN=Users, DC=acme, DC=local in your Active Directory Container section in Octopus.

$principalContext = new-object -TypeName System.DirectoryServices.AccountManagement.PrincipalContext "Domain", "acme.local"#, "CN=Users, DC=acme, DC=local"

I hope this has been helpful! Please feel free to keep in touch if you have any questions.

Kind regards,
Lawrence.
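
The two checks described in the reply above, as an added example that is not part of the original thread and is not Octopus's troubleshooting script: it confirms the container path is not a group, then looks up one user with and without the container scope. The domain and container are the thread's example values; the account name `jsmith` is a placeholder.

```powershell
# Added example (not Octopus's own script). Run on a domain-joined machine.
param(
    [string]$Domain    = 'acme.local',                   # example value from the thread
    [string]$Container = 'CN=Users, DC=acme, DC=local',  # example value from the thread
    [string]$UserName  = 'jsmith'                        # placeholder account name
)

Add-Type -AssemblyName System.DirectoryServices
Add-Type -AssemblyName System.DirectoryServices.AccountManagement

# 1. The configured path must resolve, and must be a container/OU, not a group.
$path = "LDAP://$Domain/$Container"
if (-not [System.DirectoryServices.DirectoryEntry]::Exists($path)) {
    throw "Container path not found in directory: $Container"
}
$class = ([ADSI]$path).SchemaClassName   # e.g. container, organizationalUnit, group
if ($class -eq 'group') {
    Write-Warning "$Container is a group, not a container or OU."
}

# 2. Search for the same user domain-wide and scoped to the container.
$type     = [System.DirectoryServices.AccountManagement.ContextType]::Domain
$unscoped = New-Object System.DirectoryServices.AccountManagement.PrincipalContext $type, $Domain
$scoped   = New-Object System.DirectoryServices.AccountManagement.PrincipalContext $type, $Domain, $Container

$userType    = [System.DirectoryServices.AccountManagement.UserPrincipal]
$inDomain    = $userType::FindByIdentity($unscoped, $UserName)
$inContainer = $userType::FindByIdentity($scoped, $UserName)

# 3. Report. A user found domain-wide but not in the container lives outside
#    the configured scope, so a search limited to that container misses them.
[pscustomobject]@{
    ContainerClass   = $class
    FoundInDomain    = [bool]$inDomain
    FoundInContainer = [bool]$inContainer
    UserDN           = if ($inDomain) { $inDomain.DistinguishedName } else { $null }
}

if ($inDomain -and -not $inContainer) {
    Write-Warning "$UserName exists in $Domain but outside $Container."
}

$scoped.Dispose()
$unscoped.Dispose()
```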