Details
-
Bug
-
Resolution: Obsolete
-
Low
-
None
-
2.6.5
-
None
-
Severity 3 - Minor
-
Description
Symptoms
If using an incremental sync, and on the directory server the location of a group is changed, then on the next sync, it will fail. This affects Crowd, and all applications using Embedded Crowd. An error like below will be shown in the logs:
2013-09-09 14:49:36,754 scheduler_Worker-8 ERROR [atlassian.crowd.directory.DbCachingRemoteDirectory] Incremental synchronisation was unexpectedly interrupted, falling back to a full synchronisation org.springframework.ldap.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031001CD, problem 2001 (NO_OBJECT), data 0, best match of: 'OU=Groups,DC=sydney,DC=atlassian,DC=com' ]; nested exception is javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031001CD, problem 2001 (NO_OBJECT), data 0, best match of: 'OU=Groups,DC=sydney,DC=atlassian,DC=com' ]; remaining name 'cn=another test,ou=groups,dc=sydney,dc=atlassian,dc=com' at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:174) at org.springframework.ldap.core.LdapTemplate.executeWithContext(LdapTemplate.java:810) at org.springframework.ldap.core.LdapTemplate.executeReadOnly(LdapTemplate.java:793) at org.springframework.ldap.core.LdapTemplate.lookup(LdapTemplate.java:935) at com.atlassian.crowd.directory.ldap.LdapTemplateWithClassLoaderWrapper$9.call(LdapTemplateWithClassLoaderWrapper.java:159) at com.atlassian.crowd.directory.ldap.LdapTemplateWithClassLoaderWrapper.invokeWithContextClassLoader(LdapTemplateWithClassLoaderWrapper.java:54) at com.atlassian.crowd.directory.ldap.LdapTemplateWithClassLoaderWrapper.lookup(LdapTemplateWithClassLoaderWrapper.java:155) at com.atlassian.crowd.directory.RFC4519Directory.findDirectMembersOfGroup(RFC4519Directory.java:898) at com.atlassian.crowd.directory.RFC4519DirectoryMembershipsIterable$2.apply(RFC4519DirectoryMembershipsIterable.java:77) at com.atlassian.crowd.directory.RFC4519DirectoryMembershipsIterable$2.apply(RFC4519DirectoryMembershipsIterable.java:69) at com.google.common.collect.Iterators$8.next(Iterators.java:782) at com.atlassian.crowd.directory.ldap.cache.AbstractCacheRefresher.synchroniseMemberships(AbstractCacheRefresher.java:126) at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher.synchroniseGroupChanges(UsnChangedCacheRefresher.java:258) at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher.synchroniseChanges(UsnChangedCacheRefresher.java:81) at com.atlassian.crowd.directory.DbCachingRemoteDirectory.synchroniseCache(DbCachingRemoteDirectory.java:629) at com.atlassian.crowd.manager.directory.DirectorySynchroniserImpl.synchronise(DirectorySynchroniserImpl.java:63) at com.atlassian.crowd.directory.DbCachingDirectoryPoller.pollChanges(DbCachingDirectoryPoller.java:50) at com.atlassian.crowd.manager.directory.monitor.poller.DirectoryPollerJobBean.executeInternal(DirectoryPollerJobBean.java:29) at org.springframework.scheduling.quartz.QuartzJobBean.execute(QuartzJobBean.java:113) at org.quartz.core.JobRunShell.run(JobRunShell.java:203) at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:520) Caused by: javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031001CD, problem 2001 (NO_OBJECT), data 0, best match of: 'OU=Groups,DC=sydney,DC=atlassian,DC=com' ]; remaining name 'cn=another test,ou=groups,dc=sydney,dc=atlassian,dc=com' at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3092) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3013) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2820) at com.sun.jndi.ldap.LdapCtx.c_getAttributes(LdapCtx.java:1312) at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_getAttributes(ComponentDirContext.java:213) at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:121) at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:133) at sun.reflect.GeneratedMethodAccessor342.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.springframework.ldap.transaction.compensating.manager.TransactionAwareDirContextInvocationHandler.invoke(TransactionAwareDirContextInvocationHandler.java:92) at com.sun.proxy.$Proxy154.getAttributes(Unknown Source) at org.springframework.ldap.core.LdapTemplate$17.executeWithContext(LdapTemplate.java:937) at org.springframework.ldap.core.LdapTemplate.executeWithContext(LdapTemplate.java:807) ... 19 more
Workaround
Use any version of Crowd that includes CWD-3188, so that a failed incremental sync will fall back to a full sync.