LDAP sync throws CommunicationException ... UnknownHostException

Still need help?

The Atlassian Community is here for you.

Ask the community

Platform notice: Server and Data Center only. This article only applies to Atlassian products on the Server and Data Center platforms.

Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Problem

The LDAP synchronization throws the following exception stack trace to atlassian-crowd.log or the product specific log if using another Atlassian product: 

com.atlassian.crowd.exception.OperationFailedException: org.springframework.ldap.CommunicationException: host.example.com:389; nested exception is javax.naming.CommunicationException: host.example.com:389 [Root exception is java.net.UnknownHostException: host.example.com]
        at com.atlassian.crowd.directory.SpringLDAPConnector.pageSearchResults(SpringLDAPConnector.java:398)
        at com.atlassian.crowd.directory.SpringLDAPConnector.searchEntitiesWithRequestControls(SpringLDAPConnector.java:431)
        at com.atlassian.crowd.directory.MicrosoftActiveDirectory.findTombstonesSince(MicrosoftActiveDirectory.java:782)
        at com.atlassian.crowd.directory.MicrosoftActiveDirectory.findGroupTombstonesSince(MicrosoftActiveDirectory.java:734)
        at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher.synchroniseGroupChanges(UsnChangedCacheRefresher.java:344)
        at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher.synchroniseChanges(UsnChangedCacheRefresher.java:113)
        at com.atlassian.crowd.directory.DbCachingRemoteDirectory.synchroniseCache(DbCachingRemoteDirectory.java:960)
        at com.atlassian.crowd.manager.directory.DirectorySynchroniserImpl.synchronise(DirectorySynchroniserImpl.java:67)
        at com.atlassian.jira.crowd.embedded.JiraDirectorySynchroniser.synchronizeDirectory(JiraDirectorySynchroniser.java:77)
        at com.atlassian.jira.crowd.embedded.JiraDirectorySynchroniser.runJob(JiraDirectorySynchroniser.java:52)
        at com.atlassian.scheduler.core.JobLauncher.runJob(JobLauncher.java:153)
        at com.atlassian.scheduler.core.JobLauncher.launchAndBuildResponse(JobLauncher.java:118)
        at com.atlassian.scheduler.core.JobLauncher.launch(JobLauncher.java:97)
        at com.atlassian.scheduler.caesium.impl.CaesiumSchedulerService.launchJob(CaesiumSchedulerService.java:443)
        at com.atlassian.scheduler.caesium.impl.CaesiumSchedulerService.executeClusteredJob(CaesiumSchedulerService.java:438)
        at com.atlassian.scheduler.caesium.impl.CaesiumSchedulerService.executeClusteredJobWithRecoveryGuard(CaesiumSchedulerService.java:462)
        at com.atlassian.scheduler.caesium.impl.CaesiumSchedulerService.executeQueuedJob(CaesiumSchedulerService.java:390)
        at com.atlassian.scheduler.caesium.impl.CaesiumSchedulerService$1.consume(CaesiumSchedulerService.java:285)
        at com.atlassian.scheduler.caesium.impl.CaesiumSchedulerService$1.consume(CaesiumSchedulerService.java:282)
        at com.atlassian.scheduler.caesium.impl.SchedulerQueueWorker.executeJob(SchedulerQueueWorker.java:65)
        at com.atlassian.scheduler.caesium.impl.SchedulerQueueWorker.executeNextJob(SchedulerQueueWorker.java:59)
        at com.atlassian.scheduler.caesium.impl.SchedulerQueueWorker.run(SchedulerQueueWorker.java:34)
        at java.lang.Thread.run(Thread.java:748)
Caused by: org.springframework.ldap.CommunicationException: host.example.com:389; nested exception is javax.naming.CommunicationException: host.example.com:389 [Root exception is java.net.UnknownHostException: host.example.com]
        at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:108)
        at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:397)
        at com.atlassian.crowd.directory.ldap.SpringLdapTemplateWrapper$3.timedCall(SpringLdapTemplateWrapper.java:195)
        at com.atlassian.crowd.directory.ldap.SpringLdapTemplateWrapper$3.timedCall(SpringLdapTemplateWrapper.java:192)
        at com.atlassian.crowd.directory.ldap.SpringLdapTemplateWrapper$TimedCallable.call(SpringLdapTemplateWrapper.java:130)
        at com.atlassian.crowd.directory.ldap.SpringLdapTemplateWrapper.search(SpringLdapTemplateWrapper.java:192)
        at com.atlassian.crowd.directory.SpringLDAPConnector.pageSearchResults(SpringLDAPConnector.java:370)
        ... 22 more
Caused by: javax.naming.CommunicationException: host.example.com:389 [Root exception is java.net.UnknownHostException: host.example.com]
        at com.sun.jndi.ldap.LdapReferralContext.<init>(LdapReferralContext.java:96)
        at com.sun.jndi.ldap.LdapReferralException.getReferralContext(LdapReferralException.java:151)
        at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1861)
        at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1769)
        at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:392)
        at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:276)
        ... 2 filtered
        at java.lang.reflect.Method.invoke(Method.java:498)
        at org.springframework.ldap.transaction.compensating.manager.TransactionAwareDirContextInvocationHandler.invoke(TransactionAwareDirContextInvocationHandler.java:90)
        at com.sun.proxy.$Proxy3853.search(Unknown Source)
        at com.atlassian.crowd.directory.ldap.SpringLdapTemplateWrapper$3.lambda$timedCall$0(SpringLdapTemplateWrapper.java:194)
        at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:363)
        ... 28 more
Caused by: java.net.UnknownHostException: host.example.com
        at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:184)
        at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
        at java.net.Socket.connect(Socket.java:589)
        at sun.reflect.GeneratedMethodAccessor838.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at com.sun.jndi.ldap.Connection.createSocket(Connection.java:362)
        at com.sun.jndi.ldap.Connection.<init>(Connection.java:215)
        at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:137)
        at com.sun.jndi.ldap.LdapClientFactory.createPooledConnection(LdapClientFactory.java:64)
        at com.sun.jndi.ldap.pool.Connections.<init>(Connections.java:114)
        at com.sun.jndi.ldap.pool.Pool.getPooledConnection(Pool.java:136)
        at com.sun.jndi.ldap.LdapPoolManager.getLdapClient(LdapPoolManager.java:329)
        at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1607)
        at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2749)
        at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:319)
        at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:192)
        at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:151)
        at com.sun.jndi.url.ldap.ldapURLContextFactory.getObjectInstance(ldapURLContextFactory.java:52)
        at javax.naming.spi.NamingManager.getURLObject(NamingManager.java:601)
        at javax.naming.spi.NamingManager.processURL(NamingManager.java:381)
        at javax.naming.spi.NamingManager.processURLAddrs(NamingManager.java:361)
        at javax.naming.spi.NamingManager.getObjectInstance(NamingManager.java:333)
        at com.sun.jndi.ldap.LdapReferralContext.<init>(LdapReferralContext.java:119)
        ... 41 more

Diagnosis

In the example exception above, Crowd is trying to reach host.example.com although this host is not used in the directory configuration at all. 

Looking at the stack trace, notice the call to getReferralContext, which indicates the LDAP server provided a reference to the alternate location host.example.com because Follow Referrals is enabled.

Cause

Since Follow Referrals is enabled for the directory being synced, Crowd tried to follow the alternate location provided by the LDAP server and failed to resolve its DNS. 

Workaround

  • Disable Follow Referrals for the impacted directories, or
  • If you validate that the sync is running fine, you can ignore those errors. 

Resolution

Make the DNS of the alternate locations referred to by your LDAP server resolvable from Crowd (or the Atlassian product). You need to make sure they're reachable as well. 


DescriptionCommunicationException .. UnknownHostException while running LDAP sync
ProductCrowd, Jira, Confluence, Bitbucket
Last modified on May 3, 2019

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.