Trying to synchronize a large, remote active directory fails every time. We have increased the read, search, and connection timeouts. We've tried incremental vs full synchronizations. We are having no trouble with a large, local, active directory.
After manually starting a synchronization, refreshing the User Directories page will show the user group it's currently syncing. After a while, refreshing the User Directories page shows the same user group over and over, and eventually it will say 'Synchronisation failed. See server logs for details." There are no entries mentioning AD syncing in any of the logs within the /opt/atlassian/stash/3.2.0/logs/ directory. The failure occurs at random times, between 10 and 4000 seconds.
This has caused team members to not be able to log in to Stash after changing their AD account password. The problem has existed for several weeks.
When syncing a user group fails, is it possible to get Stash to try again, or skip to the next user group?
Hi Andrew, for large LDAP directory the recommendation is use delegated authentication, instead of using the connector directory type (the one the performs sync). If this is not an option for you, you may consider reducing the synchronization scope with a more restrictive OU, or creating a filter.
Additional to that, since you mentioned that you're using AD, we've seen customer reporting that they've improved synchronization performance and avoided some issues when using the global catalog port (3268), instead of the default port (389) in the LDAP configuration. You may be interested in checking if it helps.
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
We're bringing product updates and pro tips on teamwork to ten cities around the world.Save your spot