Continuous Delivery Journey – Setting Up Thoughtworks Go

Setting up Go has been an adventure. The install was easy. I installed one server and one agent. Then we go to the admin section. Connecting Go to Active Directory was a real chore. Its an LDAP connection, which I had never dealt with before.

First, I created a username/password file. This is just a file listing usernames and passwords that can access Go while I figured out the LDAP connection. I called the file ‘’ but I think you can call it anything, and put it in the root Go directory. It needs to be in the format:


With no extra spaces between the username password and colon. And the password needs to be hashed. I found a tool on the web for generating the hash:

You can set the location of this file in the Go Admin section under Server Configuration -> Password File Path or you can set it directly in the config file, and XML file in the root folder of the Go Server called cruise-config.xml. You can find the schema for this file here:

Double check you can log in, and once you can you are free to play with the LDAP connection.

The LDAP connection asks for several variables, none of which I knew. As I do not know or have access to my Active Directory, I found this tool (You only need the free LDAP Browser, not the LDAP Administrator):

This helped me work it all out. You need:

1. URI: which is formatted ‘ldap://
2. Manager DN: This is the account that connects to the Go Server. I had the system admin create a specific Go account. This should be formatted CN=go app,CN=Users,DC=domainname,DC=com
Notice the space in ‘go app’. its looking for the display name
3. Manager Password: the password for my go app account
4. Search Base: Here I used ldapadministrator tool to formulate the search. There is a directory search funtion. It will be something like OU=user groups,DC=domainname,DC=com. OU is organizational unit. This is where my users reside in AD.
5. Search Filter: (sAMAccountName={0})

Luckily there is a Check LDAP button to ensure my connection works. Now I can go to the User Summary page, and search for users in AD and grant them access to Go.