LDAP sync fails with Request cancelled

Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.

Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Symptoms

  1. LDAP synchronisation fails

  2. The following appears in the atlassian-jira.log:

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 2012-06-11 11:17:33,794 QuartzWorker-0 ERROR ServiceRunner [atlassian.crowd.directory.DbCachingDirectoryPoller] Error occurred while refreshing the cache for directory [ 10000 ]. com.atlassian.crowd.exception.OperationFailedException: java.util.concurrent.ExecutionException: com.atlassian.crowd.exception.OperationFailedException: org.springframework.ldap.CommunicationException: Request: 2 cancelled; nested exception is javax.naming.CommunicationException: Request: 2 cancelled; remaining name 'dc=test,dc=com' at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher.synchroniseAllGroups(UsnChangedCacheRefresher.java:299) at com.atlassian.crowd.directory.ldap.cache.AbstractCacheRefresher.synchroniseAll(AbstractCacheRefresher.java:40) at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher.synchroniseAll(UsnChangedCacheRefresher.java:223) at com.atlassian.crowd.directory.DbCachingRemoteDirectory.synchroniseCache(DbCachingRemoteDirectory.java:619) at com.atlassian.crowd.manager.directory.DirectorySynchroniserImpl.synchronise(DirectorySynchroniserImpl.java:63) at com.atlassian.crowd.directory.DbCachingDirectoryPoller.pollChanges(DbCachingDirectoryPoller.java:50) at com.atlassian.crowd.manager.directory.monitor.poller.DirectoryPollerJob.execute(DirectoryPollerJob.java:34) at org.quartz.core.JobRunShell.run(JobRunShell.java:195) at com.atlassian.multitenant.quartz.MultiTenantThreadPool$MultiTenantRunnable.run(MultiTenantThreadPool.java:72) at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:520) Caused by: java.util.concurrent.ExecutionException: com.atlassian.crowd.exception.OperationFailedException: org.springframework.ldap.CommunicationException: Request: 2 cancelled; nested exception is javax.naming.CommunicationException: Request: 2 cancelled; remaining name 'dc=test,dc=com' at java.util.concurrent.FutureTask$Sync.innerGet(FutureTask.java:222) at java.util.concurrent.FutureTask.get(FutureTask.java:83) at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher.synchroniseAllGroups(UsnChangedCacheRefresher.java:280) ... 9 more Caused by: com.atlassian.crowd.exception.OperationFailedException: org.springframework.ldap.CommunicationException: Request: 2 cancelled; nested exception is javax.naming.CommunicationException: Request: 2 cancelled; remaining name 'dc=test,dc=com' at com.atlassian.crowd.directory.SpringLDAPConnector.pageSearchResults(SpringLDAPConnector.java:366) at com.atlassian.crowd.directory.SpringLDAPConnector.searchEntitiesWithRequestControls(SpringLDAPConnector.java:399) at com.atlassian.crowd.directory.SpringLDAPConnector.searchEntities(SpringLDAPConnector.java:384) at com.atlassian.crowd.directory.SpringLDAPConnector.searchGroupObjectsOfSpecifiedGroupType(SpringLDAPConnector.java:1078) at com.atlassian.crowd.directory.SpringLDAPConnector.searchGroupObjects(SpringLDAPConnector.java:1126) at com.atlassian.crowd.directory.SpringLDAPConnector.searchGroups(SpringLDAPConnector.java:1135) at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher$2.call(UsnChangedCacheRefresher.java:194) at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher$2.call(UsnChangedCacheRefresher.java:189) at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303) at java.util.concurrent.FutureTask.run(FutureTask.java:138) at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) at java.lang.Thread.run(Thread.java:662) Caused by: org.springframework.ldap.CommunicationException: Request: 2 cancelled; nested exception is javax.naming.CommunicationException: Request: 2 cancelled; remaining name 'dc=test,dc=com' at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:98) at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:319) at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:237) at com.atlassian.crowd.directory.ldap.LdapTemplateWithClassLoaderWrapper$4.call(LdapTemplateWithClassLoaderWrapper.java:88) at com.atlassian.crowd.directory.ldap.LdapTemplateWithClassLoaderWrapper$4.call(LdapTemplateWithClassLoaderWrapper.java:85) at com.atlassian.crowd.directory.ldap.LdapTemplateWithClassLoaderWrapper.invokeWithContextClassLoader(LdapTemplateWithClassLoaderWrapper.java:43) at com.atlassian.crowd.directory.ldap.LdapTemplateWithClassLoaderWrapper.search(LdapTemplateWithClassLoaderWrapper.java:85) at com.atlassian.crowd.directory.SpringLDAPConnector.pageSearchResults(SpringLDAPConnector.java:333) ... 12 more Caused by: javax.naming.CommunicationException: Request: 2 cancelled; remaining name 'dc=test,dc=com' at com.sun.jndi.ldap.LdapRequest.getReplyBer(LdapRequest.java:60) at com.sun.jndi.ldap.Connection.readReply(Connection.java:414) at com.sun.jndi.ldap.LdapClient.getSearchReply(LdapClient.java:611) at com.sun.jndi.ldap.LdapClient.search(LdapClient.java:534) at com.sun.jndi.ldap.LdapCtx.doSearch(LdapCtx.java:1962) at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1824) at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1749) at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:368) at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:338) at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:257) at sun.reflect.GeneratedMethodAccessor1265.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.springframework.ldap.transaction.compensating.manager.TransactionAwareDirContextInvocationHandler.invoke(TransactionAwareDirContextInvocationHandler.java:92) at $Proxy1502.search(Unknown Source) at org.springframework.ldap.core.LdapTemplate$3.executeSearch(LdapTemplate.java:231) at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:293) ... 18 more

Cause

This error occurs when a filter request is made to the LDAP server with bad syntax.

Example:

  • Problem filter:

    1 Group Object Filter = (objectCategory=Group)(cn=jiragroups)

  • Should be:

    1 Group Object Filter = (&(objectCategory=Group)(cn=jiragroups))

Resolution

  1. Edit your LDAP directory configuration within JIRA

  2. Check your filter configurations for both the Users Schema and Groups Schema

    1. Good references for the syntax:

      1. http://msdn.microsoft.com/en-us/library/windows/desktop/aa746475(v=vs.85).aspx

      2. http://technet.microsoft.com/en-us/library/aa996205(v=exchg.65).aspx

ℹ️Please see our Troubleshooting LDAP User Management documentation for further assistance with diagnosing LDAP problems.

Updated on April 8, 2025
Platform
Data Center only
Product
Jira Software Data Center
On this pageSymptomsCauseResolution

Still need help?

The Atlassian Community is here for you.
Ask the Community