Jira server stops authenticating Active Directory users with highestCommittedUSN error

Related content

  • No related content found

Still need help?

The Atlassian Community is here for you.

Ask the community

Problem

JIRA integrated with Active Directory stops authenticating users after a while. The following appears in the atlassian-jira.log:

2017-03-30 13:25:13,161 scheduler_Worker-9 INFO [atlassian.crowd.directory.DbCachingRemoteDirectory] synchronisation for directory [ 3964929 ] starting
2017-03-30 13:25:13,163 scheduler_Worker-9 INFO [atlassian.crowd.directory.DbCachingRemoteDirectory] failed synchronisation complete for directory [ 3964929 ] in [ 2ms ]
2017-03-30 13:25:13,171 scheduler_Worker-9 ERROR [atlassian.crowd.directory.DbCachingDirectoryPoller] Error occurred while refreshing the cache for directory [ 3964929 ].
com.atlassian.crowd.exception.OperationFailedException: Error looking up attributes for highestCommittedUSN
	at com.atlassian.crowd.directory.MicrosoftActiveDirectory.fetchHighestCommittedUSN(MicrosoftActiveDirectory.java:847)
	at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher.synchroniseChanges(UsnChangedCacheRefresher.java:80)
	at com.atlassian.crowd.directory.DbCachingRemoteDirectory.synchroniseCache(DbCachingRemoteDirectory.java:993)
        ...
Caused by: org.springframework.ldap.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903D9, comment: AcceptSecurityContext error, data 775, v2580 ]; nested exception is javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903D9, comment: AcceptSecurityContext error, data 775, v2580 ]
	at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:182)
	at org.springframework.ldap.core.support.AbstractContextSource.createContext(AbstractContextSource.java:266)
	at org.springframework.ldap.core.support.AbstractContextSource.getContext(AbstractContextSource.java:106)
        ...
	... 20 more
Caused by: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903D9, comment: AcceptSecurityContext error, data 775, v2580 ]
	at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3135)
	at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3081)
	at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2883)
        ....
	... 30 more
Confluence integrated with Active Directory stops authenticating and User directory Synchronization getting failed and following logs in the atlassian-confluence.log:


2020-10-27 14:08:44,183 ERROR [Caesium-1-3] [atlassian.crowd.directory.DbCachingDirectoryPoller] pollChanges Error occurred while refreshing the cache for directory [ 57835521 ].
com.atlassian.crowd.exception.OperationFailedException: No highestCommittedUSN attribute found for AD root
	at com.atlassian.crowd.directory.MicrosoftActiveDirectory.fetchHighestCommittedUSN(MicrosoftActiveDirectory.java:700)
	at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher.synchroniseAll(UsnChangedCacheRefresher.java:148)
	at com.atlassian.crowd.directory.DbCachingRemoteDirectory.synchroniseCache(DbCachingRemoteDirectory.java:978)
	at com.atlassian.crowd.manager.directory.DirectorySynchroniserImpl.synchronise(DirectorySynchroniserImpl.java:67)


Cause

Active Directory Clustering is not supported by Crowd or Embedded Crowd. See  CWD-2783 - Getting issue details... STATUS .

Resolution 1

Change the LDAP server to point to one server.

Resolution 2

Just change the Active User directory to switch from "Microsoft Active Directory" to "Generic Directory Server" and click on synchronize

Last modified on Jan 24, 2022

Was this helpful?

Yes
No
Provide feedback about this article

Related content

  • No related content found
Powered by Confluence and Scroll Viewport.