Installed octopus server a new win 2k8r2 machine and configured it to use active directory. However, my AD login only works when I rdp to the server and open a browser on that machine. When I open a browser and connect from another machine all attempts to login with my AD account fail:
Clicking the “Sign in with your Microsoft Windows domain account” link just reloads the login page (fiddler shows some ntlm authentication, then 303 responses, and finally more 401 failures).
The following is in the log:
Unhandled error on request: http://bdas-100/api/users/login by : Value cannot be null.
Parameter name: instance
System.ArgumentNullException: Value cannot be null.
Parameter name: instance
at System.ComponentModel.DataAnnotations.ValidationContext…ctor(Object instance, IServiceProvider serviceProvider, IDictionary`2 items)
at
Using the domain\user format yields “Value cannot be null. Parameter name: instance” at the top of the login page. Same error with user@domain.loc format.
Sorry for the delayed reply here! The login page presents two different options to log in. There’s the HTML username/password form, and then there’s the link to sign in with your Windows credentials which redirects you.
Does the error occur when you use the ‘sign in with…’ link? Or does it also occur if you use the HTML form? If it’s the sign in link, do you get prompted for credentials at all or does it immediately redirect you back?
Which browser are you using? It’s possible that for the ‘Sign in with…’ link to work, the site might need to be added to a list of trusted sites in Internet Explorer.
When I click “sign in with…” the screen just flashes. I describe the actual server interaction I’m seeing with fiddler in the OP.
signing in with domain\user yields the error mentioned above or sometimes "you must be logged in to perform this action. Please provide a valid api key or log in again.
What does the network look like between your machine and the Octopus server? Do you know if there is a proxy server, or some kind of gateway or VPN in place?
During log in we issue a cookie - it sounds like either the login data isn’t even being sent to the Octopus server, or that the cookie we issue isn’t being stored by your browser or is being removed along the network somewhere.
This is a corporate network and all of this is internal so no proxy is involved but I did double check that proxies were disabled. You did get me thinking though so I tried with firefox and sure enough it worked. I confirmed that both had the OctopusIdentificationToken cookie. The only real difference I could see was that IE had a bizarre additional cookie:
Searching for “_b_w_lf” didn’t help but I found a file in my browser history that pointed at bing. I disabled the bing bar and sure enough it started working. Not really sure why that cookie is interfering but I’m attaching fiddler dumps from both the failed IE attempt and the successful firefox attempt if you want to look into it further.
I’m having this same issue. I was VPN’d from home last night when I set Octopus up and now I can’t log on at work. But I can access it with the same AD account through RDP.