LDAP sync fails with Request cancelled
Symptoms
- LDAP synchronisation fails
- The following appears in the
atlassian-jira.log
:
2012-06-11 11:17:33,794 QuartzWorker-0 ERROR ServiceRunner [atlassian.crowd.directory.DbCachingDirectoryPoller] Error occurred while refreshing the cache for directory [ 10000 ].
com.atlassian.crowd.exception.OperationFailedException: java.util.concurrent.ExecutionException: com.atlassian.crowd.exception.OperationFailedException: org.springframework.ldap.CommunicationException: Request: 2 cancelled; nested exception is javax.naming.CommunicationException: Request: 2 cancelled; remaining name 'dc=test,dc=com'
at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher.synchroniseAllGroups(UsnChangedCacheRefresher.java:299)
at com.atlassian.crowd.directory.ldap.cache.AbstractCacheRefresher.synchroniseAll(AbstractCacheRefresher.java:40)
at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher.synchroniseAll(UsnChangedCacheRefresher.java:223)
at com.atlassian.crowd.directory.DbCachingRemoteDirectory.synchroniseCache(DbCachingRemoteDirectory.java:619)
at com.atlassian.crowd.manager.directory.DirectorySynchroniserImpl.synchronise(DirectorySynchroniserImpl.java:63)
at com.atlassian.crowd.directory.DbCachingDirectoryPoller.pollChanges(DbCachingDirectoryPoller.java:50)
at com.atlassian.crowd.manager.directory.monitor.poller.DirectoryPollerJob.execute(DirectoryPollerJob.java:34)
at org.quartz.core.JobRunShell.run(JobRunShell.java:195)
at com.atlassian.multitenant.quartz.MultiTenantThreadPool$MultiTenantRunnable.run(MultiTenantThreadPool.java:72)
at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:520)
Caused by: java.util.concurrent.ExecutionException: com.atlassian.crowd.exception.OperationFailedException: org.springframework.ldap.CommunicationException: Request: 2 cancelled; nested exception is javax.naming.CommunicationException: Request: 2 cancelled; remaining name 'dc=test,dc=com'
at java.util.concurrent.FutureTask$Sync.innerGet(FutureTask.java:222)
at java.util.concurrent.FutureTask.get(FutureTask.java:83)
at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher.synchroniseAllGroups(UsnChangedCacheRefresher.java:280)
... 9 more
Caused by: com.atlassian.crowd.exception.OperationFailedException: org.springframework.ldap.CommunicationException: Request: 2 cancelled; nested exception is javax.naming.CommunicationException: Request: 2 cancelled; remaining name 'dc=test,dc=com'
at com.atlassian.crowd.directory.SpringLDAPConnector.pageSearchResults(SpringLDAPConnector.java:366)
at com.atlassian.crowd.directory.SpringLDAPConnector.searchEntitiesWithRequestControls(SpringLDAPConnector.java:399)
at com.atlassian.crowd.directory.SpringLDAPConnector.searchEntities(SpringLDAPConnector.java:384)
at com.atlassian.crowd.directory.SpringLDAPConnector.searchGroupObjectsOfSpecifiedGroupType(SpringLDAPConnector.java:1078)
at com.atlassian.crowd.directory.SpringLDAPConnector.searchGroupObjects(SpringLDAPConnector.java:1126)
at com.atlassian.crowd.directory.SpringLDAPConnector.searchGroups(SpringLDAPConnector.java:1135)
at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher$2.call(UsnChangedCacheRefresher.java:194)
at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher$2.call(UsnChangedCacheRefresher.java:189)
at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303)
at java.util.concurrent.FutureTask.run(FutureTask.java:138)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
at java.lang.Thread.run(Thread.java:662)
Caused by: org.springframework.ldap.CommunicationException: Request: 2 cancelled; nested exception is javax.naming.CommunicationException: Request: 2 cancelled; remaining name 'dc=test,dc=com'
at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:98)
at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:319)
at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:237)
at com.atlassian.crowd.directory.ldap.LdapTemplateWithClassLoaderWrapper$4.call(LdapTemplateWithClassLoaderWrapper.java:88)
at com.atlassian.crowd.directory.ldap.LdapTemplateWithClassLoaderWrapper$4.call(LdapTemplateWithClassLoaderWrapper.java:85)
at com.atlassian.crowd.directory.ldap.LdapTemplateWithClassLoaderWrapper.invokeWithContextClassLoader(LdapTemplateWithClassLoaderWrapper.java:43)
at com.atlassian.crowd.directory.ldap.LdapTemplateWithClassLoaderWrapper.search(LdapTemplateWithClassLoaderWrapper.java:85)
at com.atlassian.crowd.directory.SpringLDAPConnector.pageSearchResults(SpringLDAPConnector.java:333)
... 12 more
Caused by: javax.naming.CommunicationException: Request: 2 cancelled; remaining name 'dc=test,dc=com'
at com.sun.jndi.ldap.LdapRequest.getReplyBer(LdapRequest.java:60)
at com.sun.jndi.ldap.Connection.readReply(Connection.java:414)
at com.sun.jndi.ldap.LdapClient.getSearchReply(LdapClient.java:611)
at com.sun.jndi.ldap.LdapClient.search(LdapClient.java:534)
at com.sun.jndi.ldap.LdapCtx.doSearch(LdapCtx.java:1962)
at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1824)
at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1749)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:368)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:338)
at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:257)
at sun.reflect.GeneratedMethodAccessor1265.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.springframework.ldap.transaction.compensating.manager.TransactionAwareDirContextInvocationHandler.invoke(TransactionAwareDirContextInvocationHandler.java:92)
at $Proxy1502.search(Unknown Source)
at org.springframework.ldap.core.LdapTemplate$3.executeSearch(LdapTemplate.java:231)
at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:293)
... 18 more
Cause
This error occurs when a filter request is made to the LDAP server with bad syntax.
Example:
Problem filter:
Group Object Filter = (objectCategory=Group)(cn=jiragroups)
Should be:
Group Object Filter = (&(objectCategory=Group)(cn=jiragroups))
Resolution
- Edit your LDAP directory configuration within JIRA
- Check your filter configurations for both the Users Schema and Groups Schema
Please see our Troubleshooting LDAP User Management documentation for further assistance with diagnosing LDAP problems.
Last modified on Nov 2, 2018
Powered by Confluence and Scroll Viewport.