Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: Medium
Fix Version/s: 5.2.7, 6.0-OD-07
Affects Version/s: 4.4
Component/s: None
Labels:

Introduced in Version:
4.04
Bug Fix Policy:
View Atlassian Server bug fix policy

Description

Symptom

When synchronising JIRA with LDAP, the synchronisation will fail when JIRA runs into a duplicate membership with the following in atlassian-jira.log:

2012-02-29 06:24:30,407 QuartzWorker-0 ERROR ServiceRunner     [atlassian.crowd.directory.DbCachingDirectoryPoller] Error occurred while refreshing the cache for directory [ 10301 ].
com.atlassian.crowd.embedded.ofbiz.db.DataAccessException: org.ofbiz.core.entity.GenericEntityException: while inserting: [GenericEntity:Membership][id,2537859][membershipType,GROUP_GROUP][lowerParentName,development-group][parentId,96939][childId,89522][childName,johndoe][lowerChildName,johndoe][directoryId,10301][parentName,Development-Group] (SQL Exception while executing the following:INSERT INTO public.cwd_membership (ID, parent_id, child_id, membership_type, group_type, parent_name, lower_parent_name, child_name, lower_child_name, directory_id) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?) (ERROR: duplicate key value violates unique constraint "uk_mem_parent_child_type"))
	at com.atlassian.crowd.embedded.ofbiz.db.OfBizHelper.createValue(OfBizHelper.java:167)
	at com.atlassian.crowd.embedded.ofbiz.OfBizInternalMembershipDao.createMembership(OfBizInternalMembershipDao.java:113)
	at com.atlassian.crowd.embedded.ofbiz.OfBizInternalMembershipDao.addGroupToGroup(OfBizInternalMembershipDao.java:120)
	at com.atlassian.crowd.embedded.ofbiz.OfBizDelegatingMembershipDao.addGroupToGroup(OfBizDelegatingMembershipDao.java:87)
	at com.atlassian.crowd.directory.AbstractInternalDirectory.addGroupToGroup(AbstractInternalDirectory.java:689)
	at com.atlassian.crowd.directory.DbCachingRemoteChangeOperations.addGroupMembershipsForGroup(DbCachingRemoteChangeOperations.java:829)
	at com.atlassian.crowd.directory.DirectoryCacheImplUsingChangeOperations.syncGroupMembersForGroup(DirectoryCacheImplUsingChangeOperations.java:142)
	at com.atlassian.crowd.directory.ldap.cache.AbstractCacheRefresher.synchroniseMemberships(AbstractCacheRefresher.java:159)
	at com.atlassian.crowd.directory.ldap.cache.AbstractCacheRefresher.synchroniseAll(AbstractCacheRefresher.java:44)
	at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher.synchroniseAll(UsnChangedCacheRefresher.java:223)
	at com.atlassian.crowd.directory.DbCachingRemoteDirectory.synchroniseCache(DbCachingRemoteDirectory.java:619)
	at com.atlassian.crowd.manager.directory.DirectorySynchroniserImpl.synchronise(DirectorySynchroniserImpl.java:63)
	at com.atlassian.crowd.directory.DbCachingDirectoryPoller.pollChanges(DbCachingDirectoryPoller.java:50)
	at com.atlassian.crowd.manager.directory.monitor.poller.DirectoryPollerJob.execute(DirectoryPollerJob.java:34)
	at org.quartz.core.JobRunShell.run(JobRunShell.java:195)
	at com.atlassian.multitenant.quartz.MultiTenantThreadPool$MultiTenantRunnable.run(MultiTenantThreadPool.java:72)
	at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:520)
Caused by: org.ofbiz.core.entity.GenericEntityException: while inserting: [GenericEntity:Membership][id,2537859][membershipType,GROUP_GROUP][lowerParentName,development-group][parentId,96939][childId,89522][childName,johndoe][lowerChildName,johndoe][directoryId,10301][parentName,Development-Group] (SQL Exception while executing the following:INSERT INTO public.cwd_membership (ID, parent_id, child_id, membership_type, group_type, parent_name, lower_parent_name, child_name, lower_child_name, directory_id) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?) (ERROR: duplicate key value violates unique constraint "uk_mem_parent_child_type"))
	at org.ofbiz.core.entity.GenericDAO.singleInsert(GenericDAO.java:133)
	at org.ofbiz.core.entity.GenericDAO.insert(GenericDAO.java:98)
	at org.ofbiz.core.entity.GenericHelperDAO.create(GenericHelperDAO.java:64)
	at org.ofbiz.core.entity.GenericDelegator.create(GenericDelegator.java:489)
	at org.ofbiz.core.entity.GenericDelegator.create(GenericDelegator.java:469)
	at org.ofbiz.core.entity.GenericValue.create(GenericValue.java:80)
	at com.atlassian.crowd.embedded.ofbiz.db.OfBizHelper.createValue(OfBizHelper.java:162)
	... 16 more

Cause

This could be caused by casing changes in groups within the LDAP Directory - for example changing a group from space-marines to Space-Marines.

This may be similar to ~~CONF-22631~~. In that case, it was setup so that the synchronisation will complete even if Confluence ran into a duplicate membership. Instead of failing the sync, JIRA should log the duplicate and continue finishing the sync.

Workaround

Schedule a downtime window, as users will be unable to login during these changes.
Log in as an administrator within the JIRA Internal Directory. If one does not exist, create it.
Disable the problematic User Directory.
Create a new User Directory within JIRA, using the same settings as the old one.
Test the synchronisation and ensure that synchronisation completes successfully. If so, use this new directory.

If you have a User Directory set up with the Read Only, with Local Groups permission settings you will no longer have the local groups set up in the database when the user directory is disabled. The project roles will not be affected.

If you are using Microsoft AD, you can try to use the adsiedit.msc to change the SAMAccountName attribute for the users to lowercase in the LDAP.

Attachments

Issue Links

duplicates

CWD-2504 Synchronization with JIRA/Confluence fail with duplicate entry

Closed

JRASERVER-25685 User Directory Sync using Microsoft AD does not update groups correctly when changes are made to AD group

Gathering Impact

CONFSERVER-23213 Merge memberships for groups with duplicate names during LDAP directory sync

Gathering Interest

is related to

CWD-3147 If a user exists in two directories in an application, and is added to a group in one directory that it was already in the other, clients get duplicate key errors

Closed

Testing discovered

CWD-3773 Directory synchronisation fails when the name of a group changes in case

Closed

JRASERVER-31493 Directory synchronisation fails when the name of a nested group changes in case

Closed

mentioned in: Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...; Wiki Page Loading...; Wiki Page Loading...; Wiki Page Loading...; Wiki Page Loading...; Wiki Page Loading...; Wiki Page Loading...; Wiki Page Loading...; Page Loading...; Page Loading...; Page Loading...; Wiki Page Loading...; Wiki Page Loading...; Wiki Page Loading...; Wiki Page Loading...

(1 Testing discovered, 20 mentioned in)

Activity

People

Assignee:: Michal Orzechowski (Inactive)

Reporter:: David Chan

Votes:: 13 Vote for this issue

Watchers:: 34 Start watching this issue

Dates

Created:: 02/Mar/2012 12:36 AM

Updated:: 03/Nov/2021 12:48 PM

Resolved:: 21/Feb/2013 2:21 PM