Administrator login with Domain Authentication does not work

I can log in to Octopus Server as any Windows Domain user with no problem; but when I try to log in as “Administrator” (or DC\Administrator, or administrator), it gives me an error:

There was a problem with your request.
Invalid username or password.

Thanks for getting in touch; this sounds familiar - I’ve created a ticket here to track it: https://github.com/OctopusDeploy/Issues/issues/415

Quick question - please don’t go to any trouble.

If you can access the RavenDB database hosted by Octopus (should be on port 10932 of the same server, otherwise there’s a link in Octopus Manager), can you please advise what the Username field of the Users/ document is for the administrator?

E.g. in my database this document is users-1, with “admin” set as the username:

{
  "Username": "admin",
  "DisplayName": null,
  "EmailAddress": null,
  "Notes": null,
  "PasswordHashed": "3E8$oHZwZnBf7hPD2mKSNjroJg==$QeQP/sx+zYQBZ2VgHhVjj+yBlolVPiOp",
  "IsActive": true,
  "ApiKey": "API-MVD6KKXGQJYULEELP8N1VWJTXY",
  "IdentificationToken": "bcb49dfc-74b6-43ff-ae06-f44745b21461"
}

Many thanks,
Nick

Here are the two records in the Users document (dhait works, Administrator does not):

{
  "Username": "Administrator",
  "DisplayName": "Administrator",
  "EmailAddress": null,
  "Notes": null,
  "PasswordHashed": "3E8$oKjBwcm2YMiqgCujgacuXQ==$lQOEZfB/qOAmdMvHuqQa0p/DtdjHWakl",
  "IsActive": true,
  "ApiKey": "API----",
  "IdentificationToken": "de0f226b-304d-48f6-939b-9987ebbce74e"
}

{
  "Username": "dhait@DC.OPTIONMETRICS.COM",
  "DisplayName": "David Hait",
  "EmailAddress": null,
  "Notes": null,
  "PasswordHashed": "3E8$XQb7IQR/NWfXtQnj9hKlfA==$Ij0YRdkiOJ0lK3vczMROYVMlAX8kIYYR",
  "IsActive": true,
  "ApiKey": "API----",
  "IdentificationToken": "67c9e8fd-6a6a-49d3-bad6-12f99924639b"
}

Ok, thanks for that. Yes, this appears to be the issue we’ve found and fixed in 2.0.8.

After upgrading to 2.0.8, so long as AD authentication is still enabled, you should be able to run:

Octopus.Server.exe admin --username=Administrator

Octopus.Server.exe service --stop --start

This will result in a new user account being created for Administrator[at]yourdomain, instead of the existing Administrator account which is incorrectly using the username/password username format.

Hope this helps.

Regards,
Nick

Using the latest download (2.0.9.1020), when I try to create a new Server instance which uses domain authentication, I get the following error:

Using the DC.OPTIONMETRICS.COM domain for authentication
Creating user Administrator

A fatal exception occurred
System.ArgumentException: The user name (UPN) could not be determined for principal: Administrator
at Octopus.Server.Web.Infrastructure.Authentication.ActiveDirectoryMembership.GetOrCreateUser(UserPrincipal principal) in c:\TeamCity\buildAgent\work\1116bd9da9e239fd\source\Octopus.Server\Web\Infrastructure\Authentication\ActiveDirectoryMembership.cs:line 66
at Octopus.Server.Commands.AdminCommand.Start() in c:\TeamCity\buildAgent\work\1116bd9da9e239fd\source\Octopus.Server\Commands\AdminCommand.cs:line 98
at Octopus.Shared.Startup.ConsoleHost.Run(Action`1 start, Action shutdown) in c:\TeamCity\buildAgent\work\1116bd9da9e239fd\source\Octopus.Shared\Startup\ConsoleHost.cs:line 36

Error: The previous command returned a non-zero exit code of: 1
Error: The command that failed was: "C:\Program Files (x86)\Octopus 2.0\Server\Octopus.Server.exe" admin --instance="OctopusServer" --username="Administrator" --wait="5000"
Deleted instance: OctopusServer

Interesting, looks like we’re still finding the local machine’s Administrator account rather than the domain one.

If running:

Octopus.Server.exe admin --username=Administrator@YOURDOMAIN

Octopus.Server.exe service --stop --start

Doesn’t fix this (worth a try), we’ve got a new “experimental” build available at http://download.octopusdeploy.com/octopus/Octopus.2.0.9.1039.msi that adds a new switch:

Octopus.Server.exe configure --webauthenticationdomain=YOURDOMAIN

Octopus.Server.exe admin --username=Administrator

Octopus.Server.exe service --stop --start

This forces all authentication through the specific domain, which seems likely to fix your issue. We’re still rounding out this version before making another public release.

Just thought I should share that installation with an “administrator” account still isn’t working with the 1066 build. After much hair-pulling, I found the solution of using a regular user account in another thread, but there are definitely still issues with this aspect.

Thanks for the info Gee, much appreciated.

Have you tried using DOMAIN\administrator as the username? This should ensure the correct (domain) admin account is selected, rather than the one on the local machine.

Interested to hear your experiences.

Cheers,
Nick

Hi Nicholas,
I tried every logical format: administrator, administrator@domain, domain\administrator.
Using the special 1039 build you linked to, I attempted to set the webauthentication domain, and then retried all of the above, also to no avail. If there’s anything I can provide to help shed any further light, please let me know.

Cheers,
Gary


Thanks Gee. Have you tried using the DOMAIN\administrator format when setting up the Octopus Server? This is where I think the problem will lie - once the server has been set up, if the wrong administrator account was found at install time, I don’t think any login permutations will help.

You can run:

Octopus.Server.exe admin --username="DOMAIN\Administrator"

on the server any time (service must be stopped) to add an administrator account.

If you’ve tried this I’m running low on ideas :) but examining the Users collection in RavenDB (Octopus Server Manager > Browse RavenDB > System Database > Users) might reveal which account is being set as administrator. The Username field in AD accounts will be a UPN (administrator@DOMAIN format).

Thanks again for the follow-up.

Ah - see your name’s Gary, counter to the moniker :) G’day! Apologies for the mis-naming…

No problem at all. I’m easy with G, Gee, Gary… :)

So I tried those administrator combinations during installation without success - unfortunately, I didn’t log the results of every attempt, but I did save one from a run without the domain name, which I’ve attached. I will re-run on a different server tomorrow when I get back to the office and let you know the outcome using the domain name during setup.


octopus-install.log (3 KB)

I also encountered this error today when trying to use the Administrator account on my domain.

Thanks for the note Paul.

Are you able to send log output from the installation script when specifying the username as DOMAIN\administrator?

Using 2.0.10.1066 or later is recommended for AD also, in case you’re on an earlier build.

Thanks in advance! Nick

Hey Nick. Sorry for taking so long, but I finally got around to attempting a reinstall (of 2.0.11.1080) using the suggested username format and here’s the resulting output:

@@@
Creating empty configuration file: C:\Octopus\OctopusServer\OctopusServer.config
Saving instance: OctopusServer
Home directory set to: C:\Octopus
Generating a new Master Key for this Octopus Server…
Master Key saved; use the Octopus Administration tool to back the key up.
Storage mode set to: Embedded
Allow checking for upgrades: True
Include usage statistics: True
Web authentication mode: Domain
Web force SSL: False
Web listen prefixes: http://localhost:80/
Storage listen port set to: 10931
Creating or modifying administrator '4-roads.local\administrator'
You can browse the RavenDB server at: http://localhost:10931/
Creating default Octopus Server certificate
Creating default Windows Azure certificate
Creating default upgrade availability
Creating built-in role Project viewer
Creating built-in role Project contributor
Creating built-in role Project lead
Creating built-in role Project deployer
Creating built-in role Project initiator
Creating built-in role Environment viewer
Creating built-in role Environment manager
Creating built-in role System administrator
Creating default team Octopus Administrators
Creating default team Everyone
Creating default retention policy
Creating default backup configuration
Creating default SMTP configuration
Creating default project group

A fatal exception occurred
System.ArgumentException: The user name (UPN) could not be determined for principal: Administrator
at Octopus.Server.Web.Infrastructure.Authentication.ActiveDirectoryMembership.GetOrCreateUser(UserPrincipal principal, Boolean& wasCreated) in c:\TeamCity\buildAgent\work\1116bd9da9e239fd\source\Octopus.Server\Web\Infrastructure\Authentication\ActiveDirectoryMembership.cs:line 106
at Octopus.Server.Web.Infrastructure.Authentication.ActiveDirectoryMembership.GetOrCreateUser(String username, Boolean& wasCreated) in c:\TeamCity\buildAgent\work\1116bd9da9e239fd\source\Octopus.Server\Web\Infrastructure\Authentication\ActiveDirectoryMembership.cs:line 96
at Octopus.Server.Web.Infrastructure.Authentication.ActiveDirectoryMembership.GetOrCreateUser(String username) in c:\TeamCity\buildAgent\work\1116bd9da9e239fd\source\Octopus.Server\Web\Infrastructure\Authentication\ActiveDirectoryMembership.cs:line 79
at Octopus.Server.Commands.AdminCommand.Start() in c:\TeamCity\buildAgent\work\1116bd9da9e239fd\source\Octopus.Server\Commands\AdminCommand.cs:line 77
at Octopus.Shared.Startup.ConsoleHost.Run(Action`1 start, Action shutdown) in c:\TeamCity\buildAgent\work\1116bd9da9e239fd\source\Octopus.Shared\Startup\ConsoleHost.cs:line 36

Error: The previous command returned a non-zero exit code of: 1
Error: The command that failed was: "C:\Program Files\Octopus Deploy\Octopus\Octopus.Server.exe" admin --instance="OctopusServer" --username="4-roads.local\administrator" --wait="5000"
Deleted instance: OctopusServer
@@@

Looks like there may be a problem in our command-line escaping routine - the username is coming through with a doubled backslash - checking this out now…

Gary, I’ve raised 597 with the details of what I think is the issue.

Is there any chance you can run the script below to verify this?

"C:\Program Files\Octopus Deploy\Octopus\Octopus.Server.exe" service --stop
"C:\Program Files\Octopus Deploy\Octopus\Octopus.Server.exe" admin --instance="OctopusServer" --username="4-roads.local\administrator" --wait="5000"
"C:\Program Files\Octopus Deploy\Octopus\Octopus.Server.exe" service --start

(Note the single slash in the --username parameter value, in contrast to the two slashes in the generated script.)

Thanks again for the help.
Nick

Good news - removing the escaped slash did the trick and installation completed successfully.
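
The escaping failure diagnosed in the posts above, as an added example that is not part of the original thread and not Octopus Deploy's code: under the Microsoft C runtime argument-parsing convention a backslash is literal unless a run of backslashes sits directly before a double quote, so a quoting routine that doubles every backslash changes `DOMAIN\user` into a different account name. `quote_naive` is an assumed reconstruction of that class of bug, and `quote_windows`, `parse_windows` and `received_username` are hypothetical helper names.

```python
# Added illustration: quote_naive is an assumed bug reconstruction, not Octopus code.
USERNAME = r"4-roads.local\administrator"   # value taken from the thread's log

def quote_naive(arg):
    """Buggy: escapes like a C string literal, doubling every backslash."""
    return '"' + arg.replace("\\", "\\\\").replace('"', '\\"') + '"'

def quote_windows(arg):
    """Backslashes stay literal unless a run of them precedes a double quote."""
    out, run = ['"'], 0
    for ch in arg:
        if ch == "\\":
            run += 1
            continue
        # Before a quote, 2n+1 backslashes decode to n backslashes plus a quote.
        out.append("\\" * (run * 2 + 1 if ch == '"' else run) + ch)
        run = 0
    return "".join(out) + "\\" * (run * 2) + '"'   # run before the closing quote

def parse_windows(cmdline):
    """Split like the MSVC runtime (simplified: doubled-quote rule omitted)."""
    args, cur, in_quotes, started, i = [], [], False, False, 0
    while i < len(cmdline):
        ch = cmdline[i]
        if ch == "\\":
            n = len(cmdline[i:]) - len(cmdline[i:].lstrip("\\"))  # run length
            i, started = i + n, True
            if i < len(cmdline) and cmdline[i] == '"':
                cur.append("\\" * (n // 2) + '"' * (n % 2))  # odd run: literal quote
                i += n % 2
            else:
                cur.append("\\" * n)      # run not before a quote: all literal
            continue
        if ch == '"':
            in_quotes, started = not in_quotes, True
        elif ch in " \t" and not in_quotes:
            if started:
                args.append("".join(cur))
                cur, started = [], False
        else:
            cur.append(ch)
            started = True
        i += 1
    return args + (["".join(cur)] if started else [])

def received_username(quote):
    """Value the admin command would receive for --username with this quoter."""
    line = "Octopus.Server.exe admin --username=" + quote(USERNAME)
    return parse_windows(line)[2].split("=", 1)[1]
```

With `quote_naive` the receiving process sees two backslashes between domain and account name, which no directory lookup will match; with `quote_windows` the value round-trips unchanged, including arguments that end in a backslash.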

Hi Nicholas,

Also ran into this problem with version 2.0.13.1100. Issue should be resolved in 2.1 so tried with 2.1.1.1171.

Installing it under domain administrator account still doesn’t work. I see that the double slash is indeed fixed but still can’t install.

Tried with DOMAIN\administrator and administrator@DOMAIN.

(Eventually installed it with local admin and will switch to domain authentication later)

(note: replaced actual domain name with DOMAIN)

So looks like there is still something there…

Regards,
Serge

domainadmin.txt (2 KB)