AD login only works when logged in directly to the server via RDP

Installed octopus server a new win 2k8r2 machine and configured it to use active directory. However, my AD login only works when I rdp to the server and open a browser on that machine. When I open a browser and connect from another machine all attempts to login with my AD account fail:

Clicking the “Sign in with your Microsoft Windows domain account” link just reloads the login page (fiddler shows some ntlm authentication, then 303 responses, and finally more 401 failures).

The following is in the log:

Unhandled error on request: http://bdas-100/api/users/login by : Value cannot be null.
Parameter name: instance
System.ArgumentNullException: Value cannot be null.
Parameter name: instance
at System.ComponentModel.DataAnnotations.ValidationContext…ctor(Object instance, IServiceProvider serviceProvider, IDictionary`2 items)

Using the domain\user format yields “Value cannot be null. Parameter name: instance” at the top of the login page. Same error with user@domain.loc format.

Hi Brandon,

Sorry for the delayed reply here! The login page presents two different options to log in. There’s the HTML username/password form, and then there’s the link to sign in with your Windows credentials which redirects you.

Does the error occur when you use the ‘sign in with…’ link? Or does it also occur if you use the HTML form? If it’s the sign in link, do you get prompted for credentials at all or does it immediately redirect you back?

Which browser are you using? It’s possible that for the ‘Sign in with…’ link to work, the site might need to be added to a list of trusted sites in Internet Explorer.


Ditto on the apologies - I missed your reply.

When I click “sign in with…” the screen just flashes. I describe the actual server interaction I’m seeing with fiddler in the OP.

signing in with domain\user yields the error mentioned above or sometimes "you must be logged in to perform this action. Please provide a valid api key or log in again.

Hi Brandon,

What does the network look like between your machine and the Octopus server? Do you know if there is a proxy server, or some kind of gateway or VPN in place?

During log in we issue a cookie - it sounds like either the login data isn’t even being sent to the Octopus server, or that the cookie we issue isn’t being stored by your browser or is being removed along the network somewhere.


Thanks Paul.

This is a corporate network and all of this is internal so no proxy is involved but I did double check that proxies were disabled. You did get me thinking though so I tried with firefox and sure enough it worked. I confirmed that both had the OctopusIdentificationToken cookie. The only real difference I could see was that IE had a bizarre additional cookie:

_b_w_lf=cr=1,crs=0,cse=1,crd=mixentitypopnow,dc=dashblack,nolink=1,ndf=1,vlh=1,sz=99,dqs=1,crre=1,crres=1,ceh=1,ss=1,ifr=0,csm=1,fbh=1,crb=2; OctopusIdentificationToken=2wombUBQh3l%2bXxpg2QJYfpJRV%2bFujdaQHsv4V9hrF3wQ8wP2KI9VZYNw2a2hj52%2f

Searching for “_b_w_lf” didn’t help but I found a file in my browser history that pointed at bing. I disabled the bing bar and sure enough it started working. Not really sure why that cookie is interfering but I’m attaching fiddler dumps from both the failed IE attempt and the successful firefox attempt if you want to look into it further.


firefox.txt (7 KB)

ie.txt (7 KB)

I’m having this same issue. I was VPN’d from home last night when I set Octopus up and now I can’t log on at work. But I can access it with the same AD account through RDP.

Hi Austin,

Thanks for reaching out. Couple of questions re your installation:

  • Which version of Octopus did you install?

  • During the Configuration Wizard, did you set Octopus to use AD login or Username/Password?

  • When you were on the VPN at home, were you on the same domain that you login when you are at office?

  • But I can access it with the same AD account through RDP. You mean you can RDP into the server running Octopus? Could you explain this a bit better?

  • Are you able to log into Octopus through the web portal in any way from your workstation? If so, please paste the exact format of your user.