Are you in the loop? Keep up with the latest by making sure you're subscribed to Community Announcements. Just click Watch and select Articles.

Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root


1 badge earned


Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!


Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.


Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!


LDAP Connection Sync issues - Users can't login often



we have a Jira Server Instance with a connected Microsoft Active Directory user directory. 

Since we upgraded to Jira 8.* we have massive problems with the LDAP sync.

Very often users are not able to login. Most often the automatic sync times out. 

When users complain about not being able to login we try to trigger the sync manually. Sometimes it works then. 

Maybe someone has an idea of what to do?

We found this error message in our logs:

Caesium-1-2 ERROR ServiceRunner [] Incremental synchronisation for directory [ 10000 ] was unexpectedly interrupted, falling back to a full synchronisation
org.springframework.ldap.UncategorizedLdapException: Uncategorized exception occured during LDAP processing; nested exception is javax.naming.NamingException: LDAP response read timed out, timeout used: 600000 ms.; remaining name '/'
at com.atlassian.crowd.audit.NoOpAuditLogContext.withAuditLogSource(
at com.atlassian.scheduler.core.JobLauncher.runJob(
at com.atlassian.scheduler.core.JobLauncher.launchAndBuildResponse(
at com.atlassian.scheduler.core.JobLauncher.launch(
at com.atlassian.scheduler.caesium.impl.CaesiumSchedulerService.launchJob(
at com.atlassian.scheduler.caesium.impl.CaesiumSchedulerService.executeClusteredJob(
at com.atlassian.scheduler.caesium.impl.CaesiumSchedulerService.executeClusteredJobWithRecoveryGuard(
at com.atlassian.scheduler.caesium.impl.CaesiumSchedulerService.executeQueuedJob(
at com.atlassian.scheduler.caesium.impl.SchedulerQueueWorker.executeJob(
at com.atlassian.scheduler.caesium.impl.SchedulerQueueWorker.executeNextJob(
at java.base/ Source)
Caused by: javax.naming.NamingException: LDAP response read timed out, timeout used: 600000 ms.; remaining name '/'
at java.naming/com.sun.jndi.ldap.LdapRequest.getReplyBer(Unknown Source)
at java.naming/com.sun.jndi.ldap.Connection.readReply(Unknown Source)
at java.naming/com.sun.jndi.ldap.LdapClient.getSearchReply(Unknown Source)
at java.naming/ Source)
at java.naming/com.sun.jndi.ldap.LdapCtx.doSearch(Unknown Source)
at java.naming/com.sun.jndi.ldap.LdapCtx.c_search(Unknown Source)
at java.naming/com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(Unknown Source)
at java.naming/ Source)
at java.naming/ Source)
at java.base/jdk.internal.reflect.GeneratedMethodAccessor746.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at org.springframework.ldap.transaction.compensating.manager.TransactionAwareDirContextInvocationHandler.invoke(
at com.sun.proxy.$ Source)
... 24 more

WARNING [ContainerBackgroundProcessor[StandardEngine[Catalina]]] org.apache.catalina.valves.StuckThreadDetectionValve.notifyStuckThreadDetected Thread [http-nio-8090-exec-11 url: /plugins/servlet/embedded-crowd/directories/troubleshoot/; user:] (id=[29]) has been active for [127,419] milliseconds (since [6/11/22 1:58 PM]) to serve the same request for [xxx/plugins/servlet/embedded-crowd/directories/troubleshoot/] and may be stuck (configured threshold for this StuckThreadDetectionValve is [120] seconds). There is/are [1] thread(s) in total that are monitored by this Valve and may be stuck.
at java.base@11.0.13/jdk.internal.misc.Unsafe.park(Native Method)
at java.base@11.0.13/java.util.concurrent.locks.LockSupport.parkNanos(Unknown Source)
at java.base@11.0.13/java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.awaitNanos(Unknown Source)
at java.base@11.0.13/java.util.concurrent.LinkedBlockingQueue.poll(Unknown Source)
at java.naming@11.0.13/com.sun.jndi.ldap.LdapRequest.getReplyBer(Unknown Source)
at java.naming@11.0.13/com.sun.jndi.ldap.Connection.readReply(Unknown Source)
at java.naming@11.0.13/com.sun.jndi.ldap.LdapClient.getSearchReply(Unknown Source)
at java.naming@11.0.13/ Source)
at java.naming@11.0.13/com.sun.jndi.ldap.LdapCtx.doSearch(Unknown Source)
at java.naming@11.0.13/com.sun.jndi.ldap.LdapCtx.searchAux(Unknown Source)
at java.naming@11.0.13/com.sun.jndi.ldap.LdapCtx.c_search(Unknown Source)



2 answers


I believe what you are seeing is your LDAP is in periods overloaded and not able to answer queries and gives “connect timed out”. This could be caused by your LDAP directory settings where it by default is set to "Update group memberships on each login". Since Jira queries the LDAP server upon each login of all your users, this will put a lot of traffic towards the LDAP server.

A solution we have found to avoiding such problems is changing the user directory configuration “Update group memberships when logging in” and setting this to either “for newly added users only” or “Never”. This will mean that user login will not update group memberships. Memberships will then only be updated on each sync interval (which is by default every 60 minutes). We have seen that this is a satisfiable solution for several of our clients.


Please try this for your user directory that is failing and report back. Hopefully, this will make logins more stable.

Elias Brattli Sørensen
Kantega SSO

Hi Elias, 

thanks for your response. We already did what you wrote and there is no real change.  We are now in communication with the atlassian support team. Thanks a lot for your answer.

0 votes
Rilwan Ahmed
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Jun 13, 2022

Hi @SaSu 

I am afraid you are hit with a existing bug But I could give you some suggestion and you can try if it fixes.

1. Increase read timeout

Go to Administration > Users > User Directories
Edit the LDAP directory
Increase the value of Read Timeout

2.  Disable the Follow Referral option
Go to Administration > Users > User Directories
Edit the LDAP directory
Disable the Follow Referral option

Please note: If you are logged using the same AD, then I would suggest you to create a internal user, grant system admin access, log in using internal user and then perform the above two actions. 

3. Restart Jira and check if issue still exists. 

Hi @Rilwan Ahmed 

thanks for your answer and tips. 

We already did the two steps you mentioned. Thatd oes not change something.

Are you sure that it is the bug that is described in the issue? There is a different error message.

Rilwan Ahmed
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Jun 13, 2022

Hi @SaSu

I would suggest, raise an Atlassian Support ticket as your users have the impact. Run the sync and then attach the zip file for the ticket. 

Like SaSu likes this

Hi @Rilwan Ahmed 

we raised a support ticket. Thanks for helping!

Hi Sasu,


Did you able to resolve this issue?

Would you please guide me, what was the issue and how it resolved.

Thanks in advance

Suggest an answer

Log in or Sign up to answer
AUG Leaders

Atlassian Community Events