Jira application logs "Could not add the following entity to the directory [ Crowd Internal Directory ]: <username>"
Problem
Whenever JIRA runs a directory synchronization, the log is populated with the above warning messages related to adding usernames. The following appears in the atlassian-jira.log
Caesium-1-4 WARN ServiceRunner [c.a.crowd.directory.DbCachingRemoteChangeOperations] Could not add the following entity to the directory [ Crowd Internal Directory ]: <user>
Diagnosis
Environment
Active Directory, LDAP directory, apache LDAP
Diagnostic Steps
Enable debug/TRACE logging on the package com.atlassian.crowd.directory from Administration - > System - > Logging and Profiling - > Package name (com.atlassian.crowd.directory) to provide additional information to identify the groups and users picked by the synchronization job from the remote directory.
Cause
The warning message, Could not add the following entity to the directory [Crowd Internal Directory ] has been found to occur both in the context of groups and users. This happens whenever JIRA recognizes a change to a user or group, but is not able to add the user or group into the cwd_user or cwd_group table. Some of the known reasons for them are
It picked up duplicate results for a user search. E.g. for user Joe, it can be identified from both dn=cn=joe and dn=uid=joe. This causes the first scan of the user to pick it up as add/update and the next scan as unmodified, since it has already been updated in the cwd_user table. At the end of scan it would throw the warning that it could not add the entry.
LDAP syncCaesium-1-2 TRACE ServiceRunner [c.a.c.d.ldap.mapper.UserContextMapper] Created user <com.atlassian.crowd.model.user.LDAPUserWithAttributes@67eo56[dn=cn=xxxxx@company.com,ou=people,dc=bsc,dc=Atlassian,dc=com,directoryId=10000,name=xxxxx@company.com,active=true,emailAddress=xxxxx@company.com,firstName=xxxxx,lastName=xxxxx,displayName=xxxxx xxxxx,externalId=7565ghg-7686-45hu-2345-69gf8343krt56,attributes={}]> from DN <cn=xxxxx@company.com,ou=people,dc=bsc,dc=Atlassian,dc=com> ..... Caesium-1-2 TRACE ServiceRunner [c.a.c.d.ldap.mapper.UserContextMapper] Created user <com.atlassian.crowd.model.user.LDAPUserWithAttributes@68er86[dn=uid=xxxxx@company.com,ou=people,dc=bsc,dc=Atlassian,dc=com,directoryId=10000,name=xxxxx@company.com,active=true,emailAddress=xxxxx@company.com,firstName=xxxxx,lastName=xxxxx,displayName=xxxxx xxxxx,externalId=7845fsf-5646-67yh-9798-406565gfe6002,attributes={}]> from DN <uid=xxxxx@company.com,ou=people,dc=bsc,dc=Atlassian,dc=com> ..... Caesium-1-1 TRACE ServiceRunner [c.a.crowd.directory.DbCachingRemoteChangeOperations] scanning users to add or update - (1079/1300 - 83.0%) 25ms elapsed Caesium-1-1 DEBUG ServiceRunner [c.a.crowd.directory.DbCachingRemoteChangeOperations] user [ xxxxx@company.com ] not found, adding ... Caesium-1-1 TRACE ServiceRunner [c.a.crowd.directory.DbCachingRemoteChangeOperations] scanning users to add or update - (1231/1300 - 94.6%) 39ms elapsed Caesium-1-1 TRACE ServiceRunner [c.a.crowd.directory.DbCachingRemoteChangeOperations] user [ xxxx@company.com ] unmodified, skipping
- The group description is too big to be entered into the cwd_group as documented under - JRASERVER-43495Getting issue details... STATUS
Resolution
Identify whether the issue is with synchronizing group or User. In addition to logging on the provided package, enable sql logging if needed to identify the actual error while inserting or updating to the database. In case of the group, change the column width.