Problem populating groups in TeamCity from LDAP server

I am having a problem with the above, whereby when I try to synchronize my LDAP groups with TeamCity I get the following warning and the groups are not populated:

[2015-02-13 14:42:32,906]   WARN -     jetbrains.buildServer.LDAP - Error during group synchronization: Remote entry retrieved as a member of a group does not match any known user or group. Entry: 'jmcdonnell'. Synchronized group: '[remoteId='cn=bt-dev,ou=groups,dc=example,dc=com', groupKey='BT-DEV', name='null', description='null', customProperties='{}', memberIds=1]'
[2015-02-13 14:42:32,906]   INFO -     jetbrains.buildServer.LDAP - Last synchronization statistics: created users=0, updated users=0, deleted users=0, remote users=1, matched users=1, created groups=0, updated groups=0, deleted groups=0, remote groups=1, matched groups=0, duration=20ms, errors=1, errors: [Error during group synchronization: Remote entry retrieved as a member of a group does not match any known user or group. Entry: 'jmcdonnell'. Synchronized group: '[remoteId='cn=bt-dev,ou=groups,dc=example,dc=com', groupKey='BT-DEV', name='null', description='null', customProperties='{}', memberIds=1]']

My LDAP server is running OpenLDAP and I have a user created with the following information:

cn=jmcdonnell
dn cn=jmcdonnell,ou=users,dc=example,dc=com
cn jmcdonnell
displayName John McDonnell
gidNumber 500
givenName John
homeDirectory /home/users/jmcdonnell
Email john.mcdonnell@example.com
objectClass inetOrgPerson
posixAccount
top
sn McDonnell
User Name jmcdonnell
uidNumber 1000
Password ****************



This user is created in TeamCity, but he is also a member of a group:

cn=bt-dev
dn cn=bt-dev,ou=groups,dc=example,dc=com
cn bt-dev
description BT Devs
gidNumber 501
memberUid jmcdonnell
objectClass posixGroup
top


But this group isn't being populated in TeamCity. I have mapped it in my ldap-mapping.xml file:
<group-mapping teamcityGroupKey="ALL_USERS_GROUP" ldapGroupDn="ou=users,dc=example,dc=com"/>
<group-mapping teamcityGroupKey="BT-DEV" ldapGroupDn="cn=bt-dev,ou=groups,dc=example,dc=com"/>

With this mapping I would assume that the user jmcdonnell would be added to both the BT-DEV group and the ALL_USERS_GROUP that both exist in TeamCity. I guess my problem lies with my ldap-config.properties file, but I can't see what could be the issue. Here is a trimmed-down version of this (minus comments):

teamcity.users.base=OU=users
teamcity.users.username=uid
teamcity.options.users.synchronize=true
teamcity.users.filter=(objectClass=inetOrgPerson)
teamcity.options.groups.synchronize=true
teamcity.groups.base=OU=groups
teamcity.groups.filter=(objectClass=posixGroup)
teamcity.options.createUsers=true
teamcity.options.deleteUsers=false
teamcity.groups.property.member=memberUid
teamcity.property.distinguishedName=distinguishedName
teamcity.users.property.displayName=displayName
teamcity.users.property.email=mail


Can anyone point me in the right direction for what could be my issue please?


Hi John,

Could you please enable the debug-ldap logging preset on the Administration > Diagnostics page, run LDAP synchronization and attach the resulting log? Also, please attach a screenshot of the "jmcdonnell" user > General page in TeamCity.
