Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Issues when connecting to LDAP - Microsoft Active Directory

Ian Bardecki
Ian Bardecki July 24, 2019

Hi,

We are trying to configure a user directory for the first time. I have poked around on the forums, but what I am finding doesn't seem to be helping us.

If we leave Additional User DN and Additional Group DN blank, we add everything and everybody. We'd like to clean that up by active employees only, so we created a Security Group, added all the active employees, and are now trying to add them into the system.

Quick Test performs successful.

We essentially a similar error some others have encountered with mixed results and fixes.

Below is what our current LDAP User Directory setup configuration looks like:


Name: LDAP Server
Directory Type: Microsoft Active Directory
Hostname: server.name.com
Port 339
Username: adminusername@example.com
Password: admin password
Base DN: DC=example,DC=com
Additional User DN: ou=security groups,ou=city
Additional Group DN: cn=security_group_name_here

Set to Read Only


org.springframework.ldap.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-03100238, problem 2001 (NO_OBJECT), data 0, best match of: 'DC=example,DC=com' ]; nested exception is javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-03100238, problem 2001 (NO_OBJECT), data 0, best match of: 'DC=example,DC=com' ]; remaining name 'ou=city,ou=security groups,DC=example,DC=com'


Appreciate any help and assistance possible.


Answer
Watch
Like Be the first to like this
13523 views

1 answer

1 accepted

1 vote
Answer accepted
Andy Heinzer
Andy Heinzer
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
July 29, 2019

Hi Ian,

I see that you are trying to connect an LDAP user directory to Jira, but are encountering errors when doing so.

Your specific error here indicates

The data code in the example above is 0 which means that "Defined DN does not exist".

We have a helpful KB about various LDAP error codes in Common User Management Errors, where that message explains that specific error.  But in your examples, it's really difficult to say where the problem is.   I suspect the problem is somehow incorrectly referencing one or more directory objects, (for example, using an 'ou=' when the directory is expecting something like a 'cn='.   These can be really hard to troubleshoot remotely.

It looks like you're using Active Directory here.  If this Active Directory, and you're using Windows, I would recommend a utility like Active Directory Explorer.  This is a sysinternals utility that can make it a lot easier to make sure you are pulling the correct path, because it shows you the path when connected to AD.

If using any other platform, such as linux or mac client, OR a different LDAP like openLDAP, I would recommend a utility like Apache Directory Studio

Both of these utilities are helpful means to be able to connect your LDAP and make sure that the OU/CN/DN values you are trying to select are actually the correct name/syntax/spacing as expected by LDAP/AD.

Try using one of these and connect to your user directory, then see if you can copy the path/address for the user objects you want to sync, followed by the path for the groups that you want to Jira to sync.

Try this and let me know if this helps.

Andy

View More Comments
Ian Bardecki
Ian Bardecki August 8, 2019

Hi Andy - we were able to resolve this issue by utilizing the User Object Filter to set the path to the active end users.

Thanks for the assist!

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira Service Desk
Jira Service Management
TAGS
AUG Leaders

Atlassian Community Events

    See all events