Synchronization Fails in Confluence 9.2 when using a Clustered LDAP


    • Type: Bug
    • Resolution: Fixed
    • Priority: Medium
    • 6.0.10
    • Affects Version/s: 6.0.7
    • Component/s: Directory - LDAP
    • None
    • 1
    • Severity 3 - Minor

      Issue Summary

      In Confluence 9.2, after a clustered LDAP user directory is set up, both full and incremental synchronization fail. As a result, users are not updated in Confluence and some experience login issues.

      The clustered LDAP system could be fronted by a Virtual Directory Server (VDS) or any mirroring technology.

      Steps to Reproduce

      1. Set up a clustered LDAP system
      2. Connect the clustered LDAP system as a User Directory in Confluence
      3. Synchronize the User Directory in Confluence

      Expected Results

      The user directory should be able to perform full and incremental synchronizations without any errors.

      Actual Results

      The synchronization fails with the following error captured in the atlassian-confluence.log file:

      2025-07-04 01:55:07,178 INFO [Caesium-1-3] [directory.ldap.util.DirectoryAttributeRetriever] getValueFromExternalIdAttribute Skipping attribute objectGUID because its value <\\uFFFD|\\uBCD7\\u0012/H\\uFFFD(\\uFFFD&qz-\\uFFFD> is not XML safe
      
      2025-07-04 01:56:07,269 ERROR [Caesium-1-1] [atlassian.crowd.directory.DbCachingRemoteDirectory] synchroniseCache Exception occured when performing full synchronization
      com.atlassian.crowd.exception.OperationFailedException: No highestCommittedUSN attribute found for AD root
      

      Workaround

      Change the directory Implementation class and ldap.external.id.

      • Before
        Implementation class: com.atlassian.crowd.directory.MicrosoftActiveDirectory
        ldap.external.id: objectGUID
        
      • After
        Implementation class: com.atlassian.crowd.directory.GenericLDAP
        ldap.external.id: entryUUID
        

      A VDS or other proxy in front of the LDAP system does not expose the attribute that the Microsoft AD connector tries to fetch. The generic LDAP adapter does not use the same method, so this issue cannot occur with it. The user directory should sync successfully after this change.
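
A pre-flight check for the workaround above, as an added example that is not part of the original issue or Atlassian's code: it parses LDIF captured from the endpoint Confluence connects to and reports which pair of settings from the workaround applies. The sample LDIF, the function names, and the rule that the AD connector needs `highestCommittedUSN` on the root DSE (inferred from the error message) are assumptions.

```python
import base64

# Constructed samples, shaped like `ldapsearch -LLL -x -s base -b "" "*" "+"`
# (root DSE) and a one-user search requesting "*" and "+" on each endpoint.
PROXY_ROOT = "dn:\nnamingContexts: dc=example,dc=com\nvendorName: Example Virtual\n  Directory\n"
PROXY_USER = "dn: uid=jdoe,ou=people,dc=example,dc=com\nuid: jdoe\nentryUUID: 7c2f6a1e-0b3d-4c55-9e1a-2f0d8b6a4c11\n"
AD_ROOT = "dn:\nhighestCommittedUSN: 4823911\n"
AD_USER = "dn: CN=jdoe,DC=example,DC=com\nobjectGUID:: AAECAwQFBgcICQoLDA0ODw==\n"


def parse_ldif_entry(ldif):
    """Parse a single LDIF entry into {lowercased attribute: [bytes, ...]}."""
    lines = []
    for raw in ldif.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]          # folded line: continues the previous one
        elif raw and not raw.startswith("#"):
            lines.append(raw)
    attrs = {}
    for line in lines:
        name, sep, rest = line.partition(":")
        if not sep:
            continue                      # not an attribute line
        if rest.startswith(":"):          # "attr:: <base64>" carries a binary value
            value = base64.b64decode(rest[1:].strip())
        else:
            value = rest.strip().encode()
        attrs.setdefault(name.lower(), []).append(value)
    return attrs


def recommend_settings(root_dse_ldif, user_ldif):
    """Choose between the 'Before' and 'After' settings of the workaround."""
    root = parse_ldif_entry(root_dse_ldif)
    user = parse_ldif_entry(user_ldif)
    # Assumption: the AD connector is only usable when the root DSE exposes
    # highestCommittedUSN and user entries return objectGUID.
    if "highestcommittedusn" in root and "objectguid" in user:
        return {"implementation": "com.atlassian.crowd.directory.MicrosoftActiveDirectory",
                "ldap.external.id": "objectGUID"}
    # entryUUID is an operational attribute, so the search must request "+".
    if "entryuuid" in user:
        return {"implementation": "com.atlassian.crowd.directory.GenericLDAP",
                "ldap.external.id": "entryUUID"}
    raise ValueError("endpoint exposes neither highestCommittedUSN with objectGUID nor entryUUID")
```

Run it against the proxy or virtual address that Confluence uses, not against an individual domain controller, since the two can return different root DSE attributes.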

            Assignee:
            Pranjal Chugh
            Reporter:
            Guido
            Votes:
            1
            Watchers:
            6