Bonobo-Git-Server Redirect to /Home/Unauthorized after login with AD integration

Like I wrote on SO before, I have a problem with using AD integration with a fresh Bonobo 6.3 installation on a Win 10 computer:

First I have set up Bonobo so that I was able to log in using "admin" user and create repositories, users, groups, ... Everything worked well. As I want to use Bonobo in my companies network I tried integration into our active directory. I changed the "AuthenticationProvider" to "Windows" and "MembershipService" to "ActiveDirectory". I added the DomainName, MemberGroupName, ... to fit the values in our domain and restartet the IIS.

<add key="ActiveDirectoryDefaultDomain" value="$domain" /> 
<add key="ActiveDirectoryBackendPath" value="~\App_Data\ADBackend" /> 
<add key="ActiveDirectoryMemberGroupName" value="Developer" /> 
<add key="ActiveDirectoryTeamMapping" value="Developers=Developer" /> 
<add key="ActiveDirectoryRoleMapping" value="Administrator=Developer" />

After entering my ad username and password on the webpage (http://$server.$domain/Bonobo/Home/LogOn/00000000-0000-0000-0000-000000000000) I am instantly redirected to http://$server.$domain/Bonobo/Home/Unauthorized

When I try to log in using http://$server.$domain/Bonobo/Home/WindowsLogin?returnUrl=%2FBonobo%2FHome%2FIndex I am redirected to a page that looks like the log in was successful, but I can't open my profile (The item you were looking for wasn't found.) and can't create a new repository. Also my user should have adminitrative rigths according to the web.config.

Clicking on the button to edit my account Bonobo shows an error "The item you were looking for wasn't found." Clicking on the button to create a new repo Bonobo shows an error "An error occurred when processing your request. Please try again or contact the system administrator."

Excerpt from the logs: 2017-11-02 13:12:42.718 +01:00 [Information] Bonobo starting 2017-11-02 13:12:43.491 +01:00 [Verbose] AD: Default domain set as "$domain" 2017-11-02 13:12:43.492 +01:00 [Verbose] ADHelp: Creating directory context with domain: "$domain" 2017-11-02 13:12:43.841 +01:00 [Information] Searching for group "Developer" in domain "$domain" 2017-11-02 13:12:43.863 +01:00 [Verbose] AD: Default domain set as "$domain" 2017-11-02 13:12:43.863 +01:00 [Verbose] ADHelp: Creating directory context with domain: "$domain" 2017-11-02 13:12:43.866 +01:00 [Information] Looking for user with guid "c7e7579f-2f0e-4924-9dfe-a59003627b95" in domain "$domain" 2017-11-02 13:12:43.882 +01:00 [Verbose] AD: Default domain set as "$domain" 2017-11-02 13:12:43.882 +01:00 [Verbose] ADHelp: Creating directory context with domain: "$domain" 2017-11-02 13:12:43.886 +01:00 [Information] Looking for user with guid "7a42aa8d-ec5f-4bd0-a40f-722430687a70" in domain "$domain" 2017-11-02 13:12:43.901 +01:00 [Verbose] AD: Default domain set as "$domain" 2017-11-02 13:12:43.901 +01:00 [Verbose] ADHelp: Creating directory context with domain: "$domain" 2017-11-02 13:12:43.905 +01:00 [Information] Looking for user with guid "dee50ac9-8767-4cbf-88b0-de90801f4fae" in domain "$domain" 2017-11-02 13:12:43.919 +01:00 [Verbose] AD: Default domain set as "$domain" 2017-11-02 13:12:43.919 +01:00 [Verbose] ADHelp: Creating directory context with domain: "$domain" 2017-11-02 13:12:43.923 +01:00 [Information] Looking for user with guid "255cfb79-a661-4205-a484-f207d353767e" in domain "$domain" 2017-11-02 13:12:43.937 +01:00 [Verbose] AD: Default domain set as "$domain" 2017-11-02 13:12:43.937 +01:00 [Verbose] ADHelp: Creating directory context with domain: "$domain" 2017-11-02 13:12:43.941 +01:00 [Information] Looking for user with guid "d921e89c-6105-4104-be8c-af255e02627f" in domain "$domain" 2017-11-02 13:12:43.955 +01:00 [Verbose] AD: Default domain set as "$domain" 2017-11-02 13:12:43.955 +01:00 [Verbose] ADHelp: Creating directory context with domain: "$domain" 2017-11-02 13:12:43.958 +01:00 [Information] Looking for user with guid "25196442-e0e9-41b0-a984-18c937e00c10" in domain "$domain" 2017-11-02 13:12:43.972 +01:00 [Verbose] AD: Default domain set as "$domain" 2017-11-02 13:12:43.972 +01:00 [Verbose] ADHelp: Creating directory context with domain: "$domain" 2017-11-02 13:12:43.976 +01:00 [Information] Looking for user with guid "ae7ad76e-af3f-4969-972e-2a87d7c2fd7c" in domain "$domain" 2017-11-02 13:12:43.991 +01:00 [Verbose] AD: Default domain set as "$domain" 2017-11-02 13:12:43.991 +01:00 [Verbose] ADHelp: Creating directory context with domain: "$domain" 2017-11-02 13:12:43.995 +01:00 [Information] Looking for user with guid "85c35f5a-e215-49f7-ba40-07eb032aec68" in domain "$domain" 2017-11-02 13:12:44.010 +01:00 [Verbose] AD: Default domain set as "$domain" 2017-11-02 13:12:44.010 +01:00 [Verbose] ADHelp: Creating directory context with domain: "$domain" 2017-11-02 13:12:44.014 +01:00 [Information] Looking for user with guid "b92c8a11-46dd-4fdf-b390-5eb1cd773914" in domain "$domain" 2017-11-02 13:12:44.030 +01:00 [Verbose] AD: Default domain set as "$domain" 2017-11-02 13:12:44.030 +01:00 [Verbose] ADHelp: Creating directory context with domain: "$domain" 2017-11-02 13:12:44.034 +01:00 [Information] Looking for user with guid "1127c814-add7-4f87-a292-21c87d48919f" in domain "$domain" 2017-11-02 13:12:44.049 +01:00 [Verbose] AD: Default domain set as "$domain" 2017-11-02 13:12:44.049 +01:00 [Verbose] ADHelp: Creating directory context with domain: "$domain" 2017-11-02 13:12:44.053 +01:00 [Information] Looking for user with guid "ef7ae19a-50d7-408e-9de9-fffe75208a2a" in domain "$domain" 2017-11-02 13:12:44.067 +01:00 [Verbose] AD: Default domain set as "$domain" 2017-11-02 13:12:44.067 +01:00 [Verbose] ADHelp: Creating directory context with domain: "$domain" 2017-11-02 13:12:44.070 +01:00 [Information] Looking for user with guid "d21cb1a9-ecd2-4f52-a620-a254e55fa289" in domain "$domain" 2017-11-02 13:12:44.117 +01:00 [Verbose] GetUserPrincipal: username "$user@$domain", domain "$domain", stripped "b..." 2017-11-02 13:12:44.117 +01:00 [Verbose] ADHelp: Creating directory context with domain: "$domain" 2017-11-02 13:12:44.230 +01:00 [Verbose] GetUserPrincipal: username "$user@$domain", domain "$domain", stripped "I..." 2017-11-02 13:12:44.230 +01:00 [Verbose] ADHelp: Creating directory context with domain: "$domain" 2017-11-02 13:12:44.252 +01:00 [Verbose] GetUserPrincipal: username "$user@$domain", domain "$domain", stripped "s..." 2017-11-02 13:12:44.252 +01:00 [Verbose] ADHelp: Creating directory context with domain: "$domain" 2017-11-02 13:12:44.270 +01:00 [Verbose] GetUserPrincipal: username "$user@$domain", domain "$domain", stripped "s..." 2017-11-02 13:12:44.270 +01:00 [Verbose] ADHelp: Creating directory context with domain: "$domain" 2017-11-02 13:12:44.289 +01:00 [Verbose] GetUserPrincipal: username "$user@$domain", domain "$domain", stripped "H..." 2017-11-02 13:12:44.289 +01:00 [Verbose] ADHelp: Creating directory context with domain: "$domain" 2017-11-02 13:12:44.308 +01:00 [Verbose] GetUserPrincipal: username "$user@$domain", domain "$domain", stripped "J..." 2017-11-02 13:12:44.308 +01:00 [Verbose] ADHelp: Creating directory context with domain: "$domain" 2017-11-02 13:12:44.351 +01:00 [Verbose] GetUserPrincipal: username "$user@$domain", domain "$domain", stripped "s..." 2017-11-02 13:12:44.351 +01:00 [Verbose] ADHelp: Creating directory context with domain: "$domain" 2017-11-02 13:12:44.371 +01:00 [Verbose] GetUserPrincipal: username "$user@$domain", domain "$domain", stripped "k..." 2017-11-02 13:12:44.371 +01:00 [Verbose] ADHelp: Creating directory context with domain: "$domain" 2017-11-02 13:12:44.391 +01:00 [Verbose] GetUserPrincipal: username "$user@$domain", domain "$domain", stripped "W..." 2017-11-02 13:12:44.391 +01:00 [Verbose] ADHelp: Creating directory context with domain: "$domain" 2017-11-02 13:12:44.410 +01:00 [Verbose] GetUserPrincipal: username "$user@$domain", domain "$domain", stripped "J..." 2017-11-02 13:12:44.410 +01:00 [Verbose] ADHelp: Creating directory context with domain: "$domain" 2017-11-02 13:12:44.428 +01:00 [Verbose] GetUserPrincipal: username "$user@$domain", domain "$domain", stripped "k..." 2017-11-02 13:12:44.428 +01:00 [Verbose] ADHelp: Creating directory context with domain: "$domain" 2017-11-02 13:12:44.447 +01:00 [Verbose] GetUserPrincipal: username "$user@$domain", domain "$domain", stripped "j..." 2017-11-02 13:12:44.447 +01:00 [Verbose] ADHelp: Creating directory context with domain: "$domain" 2017-11-02 13:12:44.469 +01:00 [Verbose] AD: Updating team "Developers" (groupName "Developer") 2017-11-02 13:12:44.469 +01:00 [Verbose] AD: Default domain set as "$domain" 2017-11-02 13:12:44.469 +01:00 [Verbose] ADHelp: Creating directory context with domain: "$domain" 2017-11-02 13:12:44.471 +01:00 [Information] Searching for group "Developer" in domain "$domain" 2017-11-02 13:12:44.536 +01:00 [Verbose] AD: Updated team "Developers" OK 2017-11-02 13:12:44.543 +01:00 [Verbose] AD: Updating role "Administrator" (groupName "Developer") 2017-11-02 13:12:44.543 +01:00 [Verbose] AD: Default domain set as "$domain" 2017-11-02 13:12:44.543 +01:00 [Verbose] ADHelp: Creating directory context with domain: "$domain" 2017-11-02 13:12:44.545 +01:00 [Information] Searching for group "Developer" in domain "$domain" 2017-11-02 13:12:44.604 +01:00 [Verbose] AD: Updated role "Administrator" OK

Any help is appreciated...

Nov 02 '17 12:11 AlexStrobel

@AlexStrobel would you mind trying an earlier version:

https://bonobogitserver.com/resources/releases/6_2_1.zip

AD is a constant struggle (none of the original devs are around, and it's hideously difficult to test), and I also merged a PR after 6.2.1 which hasn't been an unalloyed success.

Nov 02 '17 12:11 willdean

Regrettably this version doesn't work either :/ So I will probably have to manage the users myself... Thanks for your help!

Nov 02 '17 12:11 AlexStrobel

I have looked a little bit at this error and it is the removal of the web authorise attribute from the repositorycontroller - then the windows middleware authentication is not activated correctly...

Seems to stem from PR #710 .

Nov 06 '17 19:11 larshg

@larshg Nice to see you back... Do you have the Git skills to back #710 out completely so we can do a release without it? It's caused a number of problems and I don't have time to get to the bottom of them all - I think we'd be better without it for the time being.

I guess the right thing to do is create a new branch from 6.2.1 and cherry-pick everything except the #710 commits?

Nov 06 '17 21:11 willdean

I can confirm the issue with the current version 6.3.0. Going back to 6.2.1 and AD authentication and membership service work fine.

Nov 07 '17 12:11 BraggerXYZ

Yes, I'm back... However not mich time fpr Bonobo. Yes, i guess that would be the way to go, and maybe op en the original PR again and state the problem to the original author. Atleast if it should be merged again.

Nov 07 '17 13:11 larshg

Hi there! I'm facing the same issue.

Version (6.5.0.679)

Item wasn't found The item you were looking for wasn't found.

Jan 17 '20 00:01 msight-ar

Bonobo-Git-Server Bonobo-Git-Server copied to clipboard

Redirect to /Home/Unauthorized after login with AD integration

Bonobo-Git-Server
Bonobo-Git-Server copied to clipboard