Uploaded image for project: 'Crowd'
  1. Crowd
  2. CWD-2713

USNChangedMapper throws NPEs if AD does not return the uSNChanged attribute

    XMLWordPrintable

    Details

      Description

      Customers have seen this error in their logs JIRA:

      2011-11-25 09:50:16,614 pool-20-thread-1 WARN ServiceRunner     [directory.ldap.mapper.UserContextMapper] Failed to map attribute <uSNChanged> from context with DN <cn=Delete ME. User,ou=scratch,dc=ad,dc=atlassian,dc=com>
      java.lang.NullPointerException
      	at com.atlassian.crowd.directory.ldap.mapper.attribute.USNChangedMapper.getValues(USNChangedMapper.java:28)
      	at com.atlassian.crowd.directory.ldap.mapper.UserContextMapper.mapFromContext(UserContextMapper.java:57)
      	at org.springframework.ldap.core.ContextMapperCallbackHandler.getObjectFromNameClassPair(ContextMapperCallbackHandler.java:67)
      	at org.springframework.ldap.core.CollectingNameClassPairCallbackHandler.handleNameClassPair(CollectingNameClassPairCallbackHandler.java:50)
      	at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:297)
      	at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:237)
      	at com.atlassian.crowd.directory.SpringLDAPConnector.pageSearchResults(SpringLDAPConnector.java:300)
      	at com.atlassian.crowd.directory.SpringLDAPConnector.searchEntitiesWithRequestControls(SpringLDAPConnector.java:366)
      	at com.atlassian.crowd.directory.SpringLDAPConnector.searchEntities(SpringLDAPConnector.java:351)
      	at com.atlassian.crowd.directory.SpringLDAPConnector.searchUserObjects(SpringLDAPConnector.java:541)
      	at com.atlassian.crowd.directory.SpringLDAPConnector.searchUsers(SpringLDAPConnector.java:910)
      	at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher$1.call(UsnChangedCacheRefresher.java:181)
      	at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher$1.call(UsnChangedCacheRefresher.java:176)
      	at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303)
      	at java.util.concurrent.FutureTask.run(FutureTask.java:138)
      	at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
      	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
      	at java.lang.Thread.run(Thread.java:680)
      2011-11-25 09:50:16,615 pool-20-thread-1 INFO ServiceRunner     [directory.ldap.cache.UsnChangedCacheRefresher] found [ 2 ] remote users in [ 20ms ]
      

      It is occurring because the user used in the sync does not have permission to see the uSNChanged attribute.

      This is kinda interesting because it indicates that "incremental sync" will not work because the user does not have the correct permission.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              jwalton joe
              Reporter:
              bbain bain
              Votes:
              1 Vote for this issue
              Watchers:
              4 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: