Uploaded image for project: 'Crowd Data Center'
  1. Crowd Data Center
  2. CWD-1790

Error when refusing to add a user or change a password over a non-SSL Active Directory connection is uninformative

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Won't Fix
    • Icon: Low Low
    • None
    • 2.0.3
    • Directory - LDAP
    • None

    • Linux server, JDK 1.5.0, Windows 2003 Server for AD backend

      When attempting to create a user or change a password over a non-SSL connection, you'll get a cryptic error (which is tenuously connected in the documentation to the fact that you need to configure an SSL connection). I think it would be much better if Crowd simply informed the user that it was not possible to take these actions over a non-SSL LDAP connection.

      The error I get in this case is this:

      Entity Invalid: [com.atlassian.crowd.integration.model.user.UserTemplateWithAttributes@45f778[name=another.test,directoryId=32770,active=true,emailAddress=anothertest@demiurgestudios.com,firstName=Another,lastName=Test,displayName=Another Test,iconLocation=]] with error: [LDAP: error code 53 - 0000001F: SvcErr: DSID-031A0FC0, problem 5003 (WILL_NOT_PERFORM), data 0 ]; nested exception is javax.naming.OperationNotSupportedException: [LDAP: error code 53 - 0000001F: SvcErr: DSID-031A0FC0, problem 5003 (WILL_NOT_PERFORM), data 0 ]; remaining name 'cn=another.test, OU=All Users,OU=Demiurge,DC=DEMIURGE,DC=LOCAL'

            [CWD-1790] Error when refusing to add a user or change a password over a non-SSL Active Directory connection is uninformative

            Mareusz (Inactive) added a comment -

            Thank you for taking the time to file and comment on this issue. Feedback like yours helps us release valuable Crowd features that solve problems for the greater customer base. To that end, we aim to keep our issues up-to-date so that they accurately reflect current customer needs. Because there has been no customer activity on this issue in a long time, we have marked it as closed. If you still feel that this issue is still relevant to your needs, please feel free to raise a new issue and link to this one.

            If you would like to see how we select features for a new release, please read http://confluence.atlassian.com/display/DEV/Implementation+of+New+Features+Policy.

            Mareusz (Inactive) added a comment - Thank you for taking the time to file and comment on this issue. Feedback like yours helps us release valuable Crowd features that solve problems for the greater customer base. To that end, we aim to keep our issues up-to-date so that they accurately reflect current customer needs. Because there has been no customer activity on this issue in a long time, we have marked it as closed. If you still feel that this issue is still relevant to your needs, please feel free to raise a new issue and link to this one. If you would like to see how we select features for a new release, please read  http://confluence.atlassian.com/display/DEV/Implementation+of+New+Features+Policy .

            adesso health solutions GmbH added a comment -

            The exact error for refusing passwordchange because it doesn't match the policy is:

            LDAP: error code 53 - 0000052D: SvcErr: DSID-031A11E5, problem 5003 (WILL_NOT_PERFORM

            adesso health solutions GmbH added a comment - The exact error for refusing passwordchange because it doesn't match the policy is: LDAP: error code 53 - 0000052D: SvcErr: DSID-031A11E5, problem 5003 (WILL_NOT_PERFORM

            Andrew Moise added a comment -

            It's worth mentioning that this is also the error you get if the AD server is refusing to change a password because it doesn't meet the policy, and also (according to http://forums.atlassian.com/thread.jspa?messageID=257275704&) the error you'll get if the AD user Crowd is configured to use doesn't have the appropriate permissions.

            Cheers.

            Andrew Moise added a comment - It's worth mentioning that this is also the error you get if the AD server is refusing to change a password because it doesn't meet the policy, and also (according to http://forums.atlassian.com/thread.jspa?messageID=257275704& ) the error you'll get if the AD user Crowd is configured to use doesn't have the appropriate permissions. Cheers.

              Unassigned Unassigned
              andrew.moise Andrew Moise
              Affected customers:
              2 This affects my team
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: