Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,467,726
Community Members
 
Community Events
177
Community Groups

Jira Active Directory sync problems 57

Hi,

After the latest update (8.22.3) I've been experiencing problems with LDAP/AD Sync.

I have two LDAP user directories in Jira*, one for "Users", one for "Customers" and both are synced from the same Domain Controller. 
The User Directory settings in both have slight difference in OU structure and group memberships but are otherwise identical.
This problem only manifests in the "Customer" directory while "Users" directory sync works flawlessly, and I stress this, with the same service account used in syncing.

Error message from the logs:

2022-06-07 04:58:07,094+0000 Caesium-1-2 ERROR ServiceRunner [c.a.crowd.directory.DbCachingDirectoryPoller] Error occurred while refreshing the cache for directory [ 10100 ].
com.atlassian.crowd.exception.OperationFailedException: java.util.concurrent.ExecutionException: com.atlassian.crowd.exception.OperationFailedException: org.springframework.transaction.CannotCreateTransactionException: Could not create DirContext instance for transaction; nested exception is org.springframework.ldap.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090439, comment: AcceptSecurityContext error, data 57, v4563^@]; nested exception is javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090439, comment: AcceptSecurityContext error, data 57, v4563^@]

(data 57 seems to be undocumented/reserved in LDAP wiki.)

This problem persists until I start to fiddle with the User Directory configs, this can take from couple of minutes to couple of hours, mainly changing account used to sync and suddenly it starts working again with the original account.

Problem can occur in Jira while Jira Service Management is unaffected and vice versa.

Problem also reoccurs after a day or two.

Account is and have been active this whole time and is used in the user directory sync without fail.

I'm using the official docker images.

*This problem occurs in both Jira and Jira Service Management Data Center editions (not clustered).

 

Any ideas what causes this/how can I fix this?

4 answers

1 accepted

1 vote
Answer accepted

It appears that the bug fixes in 8.22.6 have resolved our issue.  Directory synchronization is now working without having to recreate the AD connections.

Hi, I have a similar problem with AD and Jira / Confluence since the last update.

I have to add the AD password again and test/save it. Sometimes more than once until it works again. 

After restart the same problem again.

Error message:
org.springframework.transaction.CannotCreateTransactionException: Could not create DirContext instance for transaction; nested exception is org.springframework.ldap.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C09044E, comment: AcceptSecurityContext error, data 57, v2580]; nested exception is javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C09044E, comment: AcceptSecurityContext error, data 57, v2580]

 

Workaround as mentioned before: Add the AD password again and save / test it until it works again.

Same issue with both 8.22.3 and 8.22.4 as updated on 29/06/2022.  Any help on a more permeant solution would be appreciated.

@Patrick PatrickWe are experienceing this issue as well. Have you managed to find a more permanent solution to this issue?

Sorry, no.  Our only working solution at this point is to remove and re-add the entry.

Same problem with Jira 8.22.4 without Service Desk

0 votes

I am unable to create a jira request for our website. https://www.cordlifeindia.com/

Same issue with 8.22.4

Same AD, different OUs.

Apparently with the function to "update the user attributes on login" my users are able to login.

Suggest an answer

Log in or Sign up to answer