Confluence stops authenticating Active Directory users with highestCommittedUSN error

Still need help?

The Atlassian Community is here for you.

Ask the community

Platform notice: Server and Data Center only. This article only applies to Atlassian products on the Server and Data Center platforms.

Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible



Confluence integrated with Active Directory stops authenticating users after a few hours.

Similar to what is seen on Jira server stops authenticating Active Directory users with highestCommittedUSN error.


Server and Data Center.

Active Directory


The following appears in the  atlassian-confluence.log :

2020-11-02 17:37:35,650 ERROR [Caesium-1-2] [] synchroniseCache Incremental synchronisation for directory [ 455321 ] was unexpectedly interrupted, falling back to a full synchronisation
com.atlassian.crowd.exception.OperationFailedException: Error looking up attributes for highestCommittedUSN

Caused by: org.springframework.transaction.CannotCreateTransactionException: Could not create DirContext instance for transaction; nested exception is org.springframework.ldap.CommunicationException:; nested exception is javax.naming.CommunicationException: ldap.example:389 [Root exception is connect timed out]
    at org.springframework.ldap.transaction.compensating.manager.ContextSourceTransactionManager.doBegin(

There no details on how the problem starts, Confluence seems to synchronise the users properly when it is started(full synchronisation) but the incremental synchronisation fails and the users are unable to login until the full synchronization is executed again.


Active Directory Clustering not is supported by Crowd or Embedded Crowd. See  CWD-2783 - Getting issue details... STATUS .


Change the LDAP server to point to one server. If there are multiple LDAP domains, point the connection to a single Domain Controller and not to the domain name.

Last modified on Nov 16, 2020

Was this helpful?

Provide feedback about this article
Powered by Confluence and Scroll Viewport.