AD sync server based

I have been having Issues trying to get my MS AD LDAP to sync with JIRA server based.  I am getting a Failed sync. Below is what I am getting 

Jira AD.JPGThe configuration setup i have is below. Please let me know if there is a walk through that I may follow to fix this issue. Thank you 

ad.JPGad 4.JPG

 

4 answers

1 vote
Pedro Souza Atlassian Team Apr 27, 2015

Hi there,

 

Looking at your configuration, I would suggest to use "cn" in the field "Group Name Attribute, since "cn" is the attribute actually, and use the default filters, just to eliminate the possibility if a problematic filter causing this synchronisation failure.

Please, take a moment to Test the settings, to check in which step the synchronisation is failing, and also check what is being thrown in your $JIRA_HOME/log/atlassian-jira.log, so we can have more details.

Cheers.

 

 

Pedro Souza, 

      I am trying to find the path to the $JIRA_HOME/log/atlassian-jira.log on my server. 

Is this the path: C:\Program Files\Atlassian\JIRA\logs

Please let me know where the path is so I can get that information. 

I have found the Path: C:\Program Files\Atlassian\Application Data\JIRA\log 

What am I looking for in this file it has a lot of information in it

Pedro Souza Atlassian Team Apr 27, 2015

Try to synchronise, and check the updated lines in the bottom of the file. Have you tried to use the cn, and remove the filters as I suggested?

Hello,
When I try to login with a testuser that is in the Jira_user security group in AD I get this error.

{{""You do not have a permission to log in. If you think this is incorrect, please contact your <a href="http://jira.consilink.com/secure/ContactAdministrators!default.jspa">JIRA administrators</a>.""}}

This is the same user i used to using the JIRA test when adding AD.

I believe it maybe the issue that I am importing my backup from the Cloud based JIRA to my server based JIRA. Jira has its internal directory, my users have the same login in JIRA as they do in AD. Also when I do the sync with AD will my users lose the data that is attached to the JIRA internal directory account if i am using MS AD for my directory.


Below is the Log file the last sync. I after resetting back to defaults the Jira server did sync with AD. successfully. After adding the filter for just a security group for JIRA users. After using the built in test, that test passed. Now I am still getting the sync failure.
{{2015-04-28 08:13:00,006 atlassian-scheduler-quartz1.clustered_Worker-3 DEBUG [jira.web.filters.ThreadLocalQueryProfiler] PROFILED : 0 keys (0 unique) took 0ms/0ms : NaN%
2015-04-28 08:13:00,008 atlassian-scheduler-quartz1.local_Worker-3 DEBUG ServiceRunner Mail Queue Service [jira.web.filters.ThreadLocalQueryProfiler] PROFILED : 0 keys (0 unique) took 0ms/0ms : NaN%
2015-04-28 08:13:00,008 atlassian-scheduler-quartz1.local_Worker-3 DEBUG ServiceRunner [jira.web.filters.ThreadLocalQueryProfiler] PROFILED : 0 keys (0 unique) took 0ms/0ms : NaN%
2015-04-28 08:13:02,937 atlassian-scheduler-quartz1.clustered_Worker-4 DEBUG [jira.web.filters.ThreadLocalQueryProfiler] PROFILED : 0 keys (0 unique) took 0ms/0ms : NaN%
2015-04-28 08:13:09,819 atlassian-scheduler-quartz1.clustered_Worker-1 DEBUG [jira.web.filters.ThreadLocalQueryProfiler] PROFILED : 0 keys (0 unique) took 0ms/0ms : NaN%
2015-04-28 08:13:24,147 http-bio-80-exec-2 DEBUG sysadmin 493x3127x1 xfnlws 10.12.129.215 /plugins/servlet/embedded-crowd/directories/list [atlassian.util.profiling.UtilTimerStack] [132ms] - /plugins/servlet/embedded-crowd/directories/list
[0ms] - PermissionManager.hasPermission()
[0ms] - PermissionManager.hasPermission()
[0ms] - PermissionManager.hasPermission()
[1ms] - PermissionManager.hasProjects()
[0ms] - PermissionManager.hasPermission()
[1ms] - PermissionManager.hasPermission()
[0ms] - PermissionManager.hasPermission()
[0ms] - PermissionManager.hasPermission()
[1ms] - PermissionManager.hasPermission()
[0ms] - PermissionManager.hasPermission()
[0ms] - PermissionManager.hasPermission()
[0ms] - PermissionManager.hasPermission()
[0ms] - PermissionManager.hasPermission()
[1ms] - PermissionManager.hasProjects()
[1ms] - PermissionManager.hasProjects()
[1ms] - PermissionManager.hasProjects()
[1ms] - PermissionManager.hasProjects()
[1ms] - PermissionManager.hasProjects()
[1ms] - PermissionManager.hasProjects()
[1ms] - PermissionManager.hasPermission()
[0ms] - PermissionManager.hasPermission()
[0ms] - PermissionManager.hasPermission()

2015-04-28 08:13:24,147 http-bio-80-exec-2 DEBUG sysadmin 493x3127x1 xfnlws 10.12.129.215 /plugins/servlet/embedded-crowd/directories/list [jira.web.filters.ThreadLocalQueryProfiler] PROFILED : 0 keys (0 unique) took 0ms/132ms : 0.0%
2015-04-28 08:13:43,104 atlassian-scheduler-quartz1.clustered_Worker-4 DEBUG [jira.web.filters.ThreadLocalQueryProfiler] PROFILED : 0 keys (0 unique) took 0ms/0ms : NaN%
2015-04-28 08:13:43,544 http-bio-80-exec-2 DEBUG sysadmin 493x3132x1 xfnlws 10.12.129.215 /plugins/servlet/embedded-crowd/directories/sync [atlassian.util.profiling.UtilTimerStack] [6ms] - /plugins/servlet/embedded-crowd/directories/sync
[0ms] - PermissionManager.hasPermission()

2015-04-28 08:13:43,544 http-bio-80-exec-2 DEBUG sysadmin 493x3132x1 xfnlws 10.12.129.215 /plugins/servlet/embedded-crowd/directories/sync [jira.web.filters.ThreadLocalQueryProfiler] PROFILED : 0 keys (0 unique) took 0ms/6ms : 0.0%
2015-04-28 08:13:43,702 http-bio-80-exec-2 DEBUG sysadmin 493x3133x1 xfnlws 10.12.129.215 /plugins/servlet/embedded-crowd/directories/list [atlassian.util.profiling.UtilTimerStack] [114ms] - /plugins/servlet/embedded-crowd/directories/list
[0ms] - PermissionManager.hasPermission()
[0ms] - PermissionManager.hasPermission()
[0ms] - PermissionManager.hasPermission()
[1ms] - PermissionManager.hasProjects()
[0ms] - PermissionManager.hasPermission()
[0ms] - PermissionManager.hasPermission()
[0ms] - PermissionManager.hasPermission()
[1ms] - PermissionManager.hasPermission()
[0ms] - PermissionManager.hasPermission()
[0ms] - PermissionManager.hasPermission()
[0ms] - PermissionManager.hasPermission()
[0ms] - PermissionManager.hasPermission()
[0ms] - PermissionManager.hasPermission()
[1ms] - PermissionManager.hasProjects()
[1ms] - PermissionManager.hasProjects()
[1ms] - PermissionManager.hasProjects()
[1ms] - PermissionManager.hasProjects()
[1ms] - PermissionManager.hasProjects()
[1ms] - PermissionManager.hasProjects()
[0ms] - PermissionManager.hasPermission()
[0ms] - PermissionManager.hasPermission()
[1ms] - PermissionManager.hasPermission()

2015-04-28 08:13:43,703 http-bio-80-exec-2 DEBUG sysadmin 493x3133x1 xfnlws 10.12.129.215 /plugins/servlet/embedded-crowd/directories/list [jira.web.filters.ThreadLocalQueryProfiler] PROFILED : 0 keys (0 unique) took 0ms/116ms : 0.0%
2015-04-28 08:13:43,788 atlassian-scheduler-quartz1.clustered_Worker-1 ERROR [com.atlassian.scheduler.JobRunnerResponse] Unable to synchronise directory
com.atlassian.crowd.exception.OperationFailedException: java.util.concurrent.ExecutionException: com.atlassian.crowd.exception.OperationFailedException: org.springframework.ldap.CommunicationException: Request: 2 cancelled; nested exception is javax.naming.CommunicationException: Request: 2 cancelled; remaining name 'dc=consilink,dc=com'
at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher.synchroniseAllGroups(UsnChangedCacheRefresher.java:237)
at com.atlassian.crowd.directory.ldap.cache.AbstractCacheRefresher.synchroniseAll(AbstractCacheRefresher.java:91)
at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher.synchroniseAll(UsnChangedCacheRefresher.java:168)
at com.atlassian.crowd.directory.DbCachingRemoteDirectory.synchroniseCache(DbCachingRemoteDirectory.java:1122)
at com.atlassian.crowd.manager.directory.DirectorySynchroniserImpl.synchronise(DirectorySynchroniserImpl.java:76)
at com.atlassian.jira.crowd.embedded.JiraDirectorySynchroniser.synchronizeDirectory(JiraDirectorySynchroniser.java:96)
at com.atlassian.jira.crowd.embedded.JiraDirectorySynchroniser.runJob(JiraDirectorySynchroniser.java:60)
at com.atlassian.scheduler.core.JobLauncher.runJob(JobLauncher.java:136)
at com.atlassian.scheduler.core.JobLauncher.launchAndBuildResponse(JobLauncher.java:101)
at com.atlassian.scheduler.core.JobLauncher.launch(JobLauncher.java:80)
at com.atlassian.scheduler.quartz1.Quartz1Job.execute(Quartz1Job.java:32)
at org.quartz.core.JobRunShell.run(JobRunShell.java:223)
at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:549)
Caused by: java.util.concurrent.ExecutionException: com.atlassian.crowd.exception.OperationFailedException: org.springframework.ldap.CommunicationException: Request: 2 cancelled; nested exception is javax.naming.CommunicationException: Request: 2 cancelled; remaining name 'dc=consilink,dc=com'
at java.util.concurrent.FutureTask.report(Unknown Source)
at java.util.concurrent.FutureTask.get(Unknown Source)
at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher.synchroniseAllGroups(UsnChangedCacheRefresher.java:218)
... 12 more
Caused by: com.atlassian.crowd.exception.OperationFailedException: org.springframework.ldap.CommunicationException: Request: 2 cancelled; nested exception is javax.naming.CommunicationException: Request: 2 cancelled; remaining name 'dc=consilink,dc=com'
at com.atlassian.crowd.directory.SpringLDAPConnector.searchEntitiesWithRequestControls(SpringLDAPConnector.java:476)
at com.atlassian.crowd.directory.SpringLDAPConnector.searchEntities(SpringLDAPConnector.java:459)
at com.atlassian.crowd.directory.SpringLDAPConnector.searchGroupObjectsOfSpecifiedGroupType(SpringLDAPConnector.java:1236)
at com.atlassian.crowd.directory.SpringLDAPConnector.searchGroupObjects(SpringLDAPConnector.java:1272)
at com.atlassian.crowd.directory.SpringLDAPConnector.searchGroups(SpringLDAPConnector.java:1304)
at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher$3.call(UsnChangedCacheRefresher.java:157)
at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher$3.call(UsnChangedCacheRefresher.java:152)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: org.springframework.ldap.CommunicationException: Request: 2 cancelled; nested exception is javax.naming.CommunicationException: Request: 2 cancelled; remaining name 'dc=consilink,dc=com'
at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:108)
at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:397)
at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:309)
at com.atlassian.crowd.directory.ldap.SpringLdapTemplateWrapper$4.timedCall(SpringLdapTemplateWrapper.java:196)
at com.atlassian.crowd.directory.ldap.SpringLdapTemplateWrapper$4.timedCall(SpringLdapTemplateWrapper.java:193)
at com.atlassian.crowd.directory.ldap.SpringLdapTemplateWrapper.invokeWithContextClassLoader(SpringLdapTemplateWrapper.java:87)
at com.atlassian.crowd.directory.ldap.SpringLdapTemplateWrapper.search(SpringLdapTemplateWrapper.java:193)
at com.atlassian.crowd.directory.SpringLDAPConnector.pageSearchResults(SpringLDAPConnector.java:405)
... 11 more
Caused by: javax.naming.CommunicationException: Request: 2 cancelled; remaining name 'dc=consilink,dc=com'
at com.sun.jndi.ldap.LdapRequest.getReplyBer(Unknown Source)
at com.sun.jndi.ldap.Connection.readReply(Unknown Source)
at com.sun.jndi.ldap.LdapClient.getSearchReply(Unknown Source)
at com.sun.jndi.ldap.LdapClient.search(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.doSearch(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.c_search(Unknown Source)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(Unknown Source)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(Unknown Source)
at javax.naming.directory.InitialDirContext.search(Unknown Source) <+2>
at java.lang.reflect.Method.invoke(Unknown Source)
at org.springframework.ldap.transaction.compensating.manager.TransactionAwareDirContextInvocationHandler.invoke(TransactionAwareDirContextInvocationHandler.java:90)
at com.sun.proxy.$Proxy4060.search(Unknown Source)
at org.springframework.ldap.core.LdapTemplate$3.executeSearch(LdapTemplate.java:303)
at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:363)
... 18 more
2015-04-28 08:13:43,793 atlassian-scheduler-quartz1.clustered_Worker-1 DEBUG [jira.web.filters.ThreadLocalQueryProfiler] PROFILED : 0 keys (0 unique) took 0ms/244ms : 0.0% }}

Suggest an answer

Log in or Sign up to answer
Community showcase
Published yesterday in Statuspage

194 years of downtime: looking back on incident data from 2018

Statuspage customers logged more than 194 years of collective incidents in 2018. That’s a whopping 87% increase from the  104 years logged in 2017 , and we aren’t even through December yet....

56 views 1 5
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you