LDAP sync throws CommunicationException ... UnknownHostException

Still need help?

The Atlassian Community is here for you.

Ask the community

This article only applies to Atlassian's server products. Learn more about the differences between cloud and server.

Problem

The LDAP synchronization throws the following exception stack trace to atlassian-crowd.log or the product specific log if using another Atlassian product: 

com.atlassian.crowd.exception.OperationFailedException: org.springframework.ldap.CommunicationException: host.example.com:389; nested exception is javax.naming.CommunicationException: host.example.com:389 [Root exception is java.net.UnknownHostException: host.example.com]
        at com.atlassian.crowd.directory.SpringLDAPConnector.pageSearchResults(SpringLDAPConnector.java:398)
        at com.atlassian.crowd.directory.SpringLDAPConnector.searchEntitiesWithRequestControls(SpringLDAPConnector.java:431)
        at com.atlassian.crowd.directory.MicrosoftActiveDirectory.findTombstonesSince(MicrosoftActiveDirectory.java:782)
        at com.atlassian.crowd.directory.MicrosoftActiveDirectory.findGroupTombstonesSince(MicrosoftActiveDirectory.java:734)
        at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher.synchroniseGroupChanges(UsnChangedCacheRefresher.java:344)
        at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher.synchroniseChanges(UsnChangedCacheRefresher.java:113)
        at com.atlassian.crowd.directory.DbCachingRemoteDirectory.synchroniseCache(DbCachingRemoteDirectory.java:960)
        at com.atlassian.crowd.manager.directory.DirectorySynchroniserImpl.synchronise(DirectorySynchroniserImpl.java:67)
        at com.atlassian.jira.crowd.embedded.JiraDirectorySynchroniser.synchronizeDirectory(JiraDirectorySynchroniser.java:77)
        at com.atlassian.jira.crowd.embedded.JiraDirectorySynchroniser.runJob(JiraDirectorySynchroniser.java:52)
        at com.atlassian.scheduler.core.JobLauncher.runJob(JobLauncher.java:153)
        at com.atlassian.scheduler.core.JobLauncher.launchAndBuildResponse(JobLauncher.java:118)
        at com.atlassian.scheduler.core.JobLauncher.launch(JobLauncher.java:97)
        at com.atlassian.scheduler.caesium.impl.CaesiumSchedulerService.launchJob(CaesiumSchedulerService.java:443)
        at com.atlassian.scheduler.caesium.impl.CaesiumSchedulerService.executeClusteredJob(CaesiumSchedulerService.java:438)
        at com.atlassian.scheduler.caesium.impl.CaesiumSchedulerService.executeClusteredJobWithRecoveryGuard(CaesiumSchedulerService.java:462)
        at com.atlassian.scheduler.caesium.impl.CaesiumSchedulerService.executeQueuedJob(CaesiumSchedulerService.java:390)
        at com.atlassian.scheduler.caesium.impl.CaesiumSchedulerService$1.consume(CaesiumSchedulerService.java:285)
        at com.atlassian.scheduler.caesium.impl.CaesiumSchedulerService$1.consume(CaesiumSchedulerService.java:282)
        at com.atlassian.scheduler.caesium.impl.SchedulerQueueWorker.executeJob(SchedulerQueueWorker.java:65)
        at com.atlassian.scheduler.caesium.impl.SchedulerQueueWorker.executeNextJob(SchedulerQueueWorker.java:59)
        at com.atlassian.scheduler.caesium.impl.SchedulerQueueWorker.run(SchedulerQueueWorker.java:34)
        at java.lang.Thread.run(Thread.java:748)
Caused by: org.springframework.ldap.CommunicationException: host.example.com:389; nested exception is javax.naming.CommunicationException: host.example.com:389 [Root exception is java.net.UnknownHostException: host.example.com]
        at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:108)
        at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:397)
        at com.atlassian.crowd.directory.ldap.SpringLdapTemplateWrapper$3.timedCall(SpringLdapTemplateWrapper.java:195)
        at com.atlassian.crowd.directory.ldap.SpringLdapTemplateWrapper$3.timedCall(SpringLdapTemplateWrapper.java:192)
        at com.atlassian.crowd.directory.ldap.SpringLdapTemplateWrapper$TimedCallable.call(SpringLdapTemplateWrapper.java:130)
        at com.atlassian.crowd.directory.ldap.SpringLdapTemplateWrapper.search(SpringLdapTemplateWrapper.java:192)
        at com.atlassian.crowd.directory.SpringLDAPConnector.pageSearchResults(SpringLDAPConnector.java:370)
        ... 22 more
Caused by: javax.naming.CommunicationException: host.example.com:389 [Root exception is java.net.UnknownHostException: host.example.com]
        at com.sun.jndi.ldap.LdapReferralContext.<init>(LdapReferralContext.java:96)
        at com.sun.jndi.ldap.LdapReferralException.getReferralContext(LdapReferralException.java:151)
        at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1861)
        at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1769)
        at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:392)
        at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:276)
        ... 2 filtered
        at java.lang.reflect.Method.invoke(Method.java:498)
        at org.springframework.ldap.transaction.compensating.manager.TransactionAwareDirContextInvocationHandler.invoke(TransactionAwareDirContextInvocationHandler.java:90)
        at com.sun.proxy.$Proxy3853.search(Unknown Source)
        at com.atlassian.crowd.directory.ldap.SpringLdapTemplateWrapper$3.lambda$timedCall$0(SpringLdapTemplateWrapper.java:194)
        at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:363)
        ... 28 more
Caused by: java.net.UnknownHostException: host.example.com
        at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:184)
        at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
        at java.net.Socket.connect(Socket.java:589)
        at sun.reflect.GeneratedMethodAccessor838.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at com.sun.jndi.ldap.Connection.createSocket(Connection.java:362)
        at com.sun.jndi.ldap.Connection.<init>(Connection.java:215)
        at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:137)
        at com.sun.jndi.ldap.LdapClientFactory.createPooledConnection(LdapClientFactory.java:64)
        at com.sun.jndi.ldap.pool.Connections.<init>(Connections.java:114)
        at com.sun.jndi.ldap.pool.Pool.getPooledConnection(Pool.java:136)
        at com.sun.jndi.ldap.LdapPoolManager.getLdapClient(LdapPoolManager.java:329)
        at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1607)
        at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2749)
        at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:319)
        at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:192)
        at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:151)
        at com.sun.jndi.url.ldap.ldapURLContextFactory.getObjectInstance(ldapURLContextFactory.java:52)
        at javax.naming.spi.NamingManager.getURLObject(NamingManager.java:601)
        at javax.naming.spi.NamingManager.processURL(NamingManager.java:381)
        at javax.naming.spi.NamingManager.processURLAddrs(NamingManager.java:361)
        at javax.naming.spi.NamingManager.getObjectInstance(NamingManager.java:333)
        at com.sun.jndi.ldap.LdapReferralContext.<init>(LdapReferralContext.java:119)
        ... 41 more

Diagnosis

In the example exception above, Crowd is trying to reach host.example.com although this host is not used in the directory configuration at all. 

Looking at the stack trace, notice the call to getReferralContext, which indicates the LDAP server provided a reference to the alternate location host.example.com because Follow Referrals is enabled.

Cause

Since Follow Referrals is enabled for the directory being synced, Crowd tried to follow the alternate location provided by the LDAP server and failed to resolve its DNS. 

Workaround

  • Disable Follow Referrals for the impacted directories, or
  • If you validate that the sync is running fine, you can ignore those errors. 

Resolution

Make the DNS of the alternate locations referred to by your LDAP server resolvable from Crowd (or the Atlassian product). You need to make sure they're reachable as well. 


Description CommunicationException .. UnknownHostException while running LDAP sync
Product Crowd, Jira, Confluence, Bitbucket
Last modified on May 3, 2019

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.