We're having the same issue.
Entered our AD settings but not clear how to proceed from there.
Should our AD Groups show up in Groups ?
Remember that according to the Security Model, a User must be granted a "Collaboration" System-level permission. This means that initially none of your LDAP users will be able to sign in to HgLab. To grant them access, go to Groups and assign the "Collaboration" permission to the LDAP Groups you want to give access to HgLab.
This implies that our AD groups should have shown up in Groups and we activate them by allowing Collaboration? But we're seeing no AD groups in HgLab Groups
Got this working by finding this code sample in here and then modifying settings until the code ran correctly. Port 636 has been suggested to work better:
// Requires a reference to System.DirectoryServices.AccountManagement
static void Main(string args)
var serverAddress = "yourldapserver.domain.com";
var serverPort = "636";
var baseContainer = "OU=Listname,dc=example,dc=com";
var bindLogin = "BindableLogin";
var bindPassword = "binderpassword";
var serverQualifiedAddress = serverAddress;
serverQualifiedAddress = serverQualifiedAddress + ":" + serverPort;
using (var domainContext = new PrincipalContext(ContextType.Domain, serverQualifiedAddress, baseContainer, ContextOptions.Negotiate, bindLogin, bindPassword))
var principal = UserPrincipal.FindByIdentity(domainContext, "yourLoginname");
} // using