Uploaded image for project: 'Jira Data Center'
  1. Jira Data Center
  2. JRASERVER-29025

Mixed case usernames breaks the connection between JIRA and LDAP for User Management

    XMLWordPrintable

Details

    Description

      If the cases in the remote and local User Directories are mismatched, synchronisation will fail.

      The following may be found within atlassian-jira.log:

      atlassian-jira.log
      2012-07-19 12:05:53,693 QuartzWorker-1 INFO ServiceRunner     [directory.ldap.cache.RemoteDirectoryCacheRefresher] found [ 7 ] remote users in [ 30ms ]
2012-07-19 12:05:53,695 QuartzWorker-1 INFO ServiceRunner     [atlassian.crowd.directory.DbCachingRemoteChangeOperations] scanning [ 7 ] users to add or update
2012-07-19 12:05:53,695 QuartzWorker-1 WARN ServiceRunner     [atlassian.crowd.directory.DbCachingRemoteChangeOperations] remote username [ DavidC ] casing differs from local username [ davidc ]. User details will be kept updated, but the username cannot be updated
2012-07-19 12:05:53,695 QuartzWorker-1 INFO ServiceRunner     [atlassian.crowd.directory.DirectoryCacheImplUsingChangeOperations] scanned and compared [ 7 ] users for update in DB cache in [ 1ms ]
2012-07-19 12:05:53,695 QuartzWorker-1 INFO ServiceRunner     [atlassian.crowd.directory.DirectoryCacheImplUsingChangeOperations] synchronised [ 7 ] users in [ 1ms ]
2012-07-19 12:05:53,696 QuartzWorker-1 INFO ServiceRunner     [atlassian.crowd.directory.DbCachingRemoteChangeOperations] scanned and compared [ 7 ] users for delete in DB cache in [ 1ms ]
2012-07-19 12:05:53,696 QuartzWorker-1 INFO ServiceRunner     [atlassian.crowd.directory.DbCachingRemoteChangeOperations] scanned for deleted users in [ 1ms ]
2012-07-19 12:05:53,732 QuartzWorker-1 INFO ServiceRunner     [directory.ldap.cache.RemoteDirectoryCacheRefresher] found [ 23 ] remote groups in [ 36ms ]
2012-07-19 12:05:53,732 QuartzWorker-1 INFO ServiceRunner     [atlassian.crowd.directory.DirectoryCacheImplUsingChangeOperations] scanning [ 23 ] groups to add or update
2012-07-19 12:05:53,734 QuartzWorker-1 INFO ServiceRunner     [atlassian.crowd.directory.DbCachingRemoteChangeOperations] scanned and compared [ 23 ] groups for update in DB cache in [ 2ms ]
2012-07-19 12:05:53,734 QuartzWorker-1 INFO ServiceRunner     [atlassian.crowd.directory.DirectoryCacheImplUsingChangeOperations] synchronized [ 23 ] groups in [ 2ms ]
2012-07-19 12:05:53,736 QuartzWorker-1 INFO ServiceRunner     [atlassian.crowd.directory.DbCachingRemoteChangeOperations] scanned and compared [ 23 ] groups for delete in DB cache in [ 2ms ]
2012-07-19 12:05:53,812 QuartzWorker-1 INFO ServiceRunner     [directory.ldap.cache.AbstractCacheRefresher] found [ 2 ] remote user-group memberships, [ 0 ] remote group-group memberships in [ 0ms ]
2012-07-19 12:05:53,813 QuartzWorker-1 INFO ServiceRunner     [atlassian.crowd.directory.DbCachingRemoteChangeOperations] added [ 1 ] user members to [ ad-bamboo-admin ] in [ 1ms ]
2012-07-19 12:05:53,813 QuartzWorker-1 INFO ServiceRunner     [directory.ldap.cache.AbstractCacheRefresher] found [ 2 ] remote user-group memberships, [ 0 ] remote group-group memberships in [ 0ms ]
2012-07-19 12:05:53,814 QuartzWorker-1 INFO ServiceRunner     [atlassian.crowd.directory.DbCachingRemoteChangeOperations] added [ 1 ] user members to [ ad-infrastructure-team ] in [ 1ms ]
2012-07-19 12:05:53,814 QuartzWorker-1 INFO ServiceRunner     [directory.ldap.cache.AbstractCacheRefresher] found [ 2 ] remote user-group memberships, [ 0 ] remote group-group memberships in [ 0ms ]
2012-07-19 12:05:53,814 QuartzWorker-1 INFO ServiceRunner     [atlassian.crowd.directory.DbCachingRemoteChangeOperations] added [ 1 ] user members to [ ad-jira-administrators ] in [ 0ms ]
2012-07-19 12:05:53,814 QuartzWorker-1 INFO ServiceRunner     [directory.ldap.cache.AbstractCacheRefresher] found [ 5 ] remote user-group memberships, [ 0 ] remote group-group memberships in [ 0ms ]
2012-07-19 12:05:53,815 QuartzWorker-1 INFO ServiceRunner     [atlassian.crowd.directory.DbCachingRemoteChangeOperations] added [ 1 ] user members to [ ad-jira-developers ] in [ 0ms ]
2012-07-19 12:05:53,815 QuartzWorker-1 INFO ServiceRunner     [directory.ldap.cache.AbstractCacheRefresher] Migrated memberships for [4] of [23] groups
2012-07-19 12:05:53,815 QuartzWorker-1 INFO ServiceRunner     [directory.ldap.cache.AbstractCacheRefresher] found [ 5 ] remote user-group memberships, [ 0 ] remote group-group memberships in [ 0ms ]
2012-07-19 12:05:53,816 QuartzWorker-1 INFO ServiceRunner     [atlassian.crowd.directory.DbCachingRemoteChangeOperations] added [ 1 ] user members to [ ad-jira-users ] in [ 1ms ]
2012-07-19 12:05:53,816 QuartzWorker-1 INFO ServiceRunner     [directory.ldap.cache.AbstractCacheRefresher] found [ 0 ] remote user-group memberships, [ 0 ] remote group-group memberships in [ 0ms ]
2012-07-19 12:05:53,816 QuartzWorker-1 INFO ServiceRunner     [directory.ldap.cache.AbstractCacheRefresher] found [ 1 ] remote user-group memberships, [ 0 ] remote group-group memberships in [ 0ms ]
2012-07-19 12:05:53,816 QuartzWorker-1 INFO ServiceRunner     [directory.ldap.cache.AbstractCacheRefresher] found [ 1 ] remote user-group memberships, [ 0 ] remote group-group memberships in [ 0ms ]
2012-07-19 12:05:53,817 QuartzWorker-1 INFO ServiceRunner     [directory.ldap.cache.AbstractCacheRefresher] Migrated memberships for [8] of [23] groups
2012-07-19 12:05:53,817 QuartzWorker-1 INFO ServiceRunner     [directory.ldap.cache.AbstractCacheRefresher] found [ 5 ] remote user-group memberships, [ 0 ] remote group-group memberships in [ 0ms ]
2012-07-19 12:05:53,817 QuartzWorker-1 INFO ServiceRunner     [atlassian.crowd.directory.DbCachingRemoteChangeOperations] added [ 1 ] user members to [ Potato Bake ] in [ 0ms ]
2012-07-19 12:05:53,818 QuartzWorker-1 INFO ServiceRunner     [directory.ldap.cache.AbstractCacheRefresher] found [ 5 ] remote user-group memberships, [ 0 ] remote group-group memberships in [ 0ms ]
2012-07-19 12:05:53,818 QuartzWorker-1 INFO ServiceRunner     [atlassian.crowd.directory.DbCachingRemoteChangeOperations] added [ 1 ] user members to [ Stormtroopers ] in [ 0ms ]
2012-07-19 12:05:53,818 QuartzWorker-1 INFO ServiceRunner     [directory.ldap.cache.AbstractCacheRefresher] found [ 1 ] remote user-group memberships, [ 0 ] remote group-group memberships in [ 0ms ]
2012-07-19 12:05:53,818 QuartzWorker-1 INFO ServiceRunner     [directory.ldap.cache.AbstractCacheRefresher] found [ 4 ] remote user-group memberships, [ 0 ] remote group-group memberships in [ 0ms ]
2012-07-19 12:05:53,819 QuartzWorker-1 INFO ServiceRunner     [atlassian.crowd.directory.DbCachingRemoteChangeOperations] added [ 1 ] user members to [ The Avengers ] in [ 0ms ]
2012-07-19 12:05:53,819 QuartzWorker-1 INFO ServiceRunner     [directory.ldap.cache.AbstractCacheRefresher] Migrated memberships for [12] of [23] groups
2012-07-19 12:05:53,819 QuartzWorker-1 INFO ServiceRunner     [directory.ldap.cache.AbstractCacheRefresher] found [ 4 ] remote user-group memberships, [ 0 ] remote group-group memberships in [ 0ms ]
2012-07-19 12:05:53,820 QuartzWorker-1 INFO ServiceRunner     [atlassian.crowd.directory.DbCachingRemoteChangeOperations] added [ 1 ] user members to [ Batman & Robin ] in [ 1ms ]
2012-07-19 12:05:53,820 QuartzWorker-1 INFO ServiceRunner     [directory.ldap.cache.AbstractCacheRefresher] found [ 4 ] remote user-group memberships, [ 0 ] remote group-group memberships in [ 0ms ]
2012-07-19 12:05:53,821 QuartzWorker-1 INFO ServiceRunner     [atlassian.crowd.directory.DbCachingRemoteChangeOperations] added [ 1 ] user members to [ Tight Spandex ] in [ 1ms ]
2012-07-19 12:05:53,821 QuartzWorker-1 INFO ServiceRunner     [directory.ldap.cache.AbstractCacheRefresher] found [ 4 ] remote user-group memberships, [ 0 ] remote group-group memberships in [ 0ms ]
2012-07-19 12:05:53,822 QuartzWorker-1 INFO ServiceRunner     [atlassian.crowd.directory.DbCachingRemoteChangeOperations] added [ 1 ] user members to [ The Deathstar ] in [ 1ms ]
2012-07-19 12:05:53,822 QuartzWorker-1 INFO ServiceRunner     [directory.ldap.cache.AbstractCacheRefresher] found [ 0 ] remote user-group memberships, [ 0 ] remote group-group memberships in [ 0ms ]
2012-07-19 12:05:53,822 QuartzWorker-1 INFO ServiceRunner     [directory.ldap.cache.AbstractCacheRefresher] Migrated memberships for [16] of [23] groups
2012-07-19 12:05:53,822 QuartzWorker-1 INFO ServiceRunner     [directory.ldap.cache.AbstractCacheRefresher] found [ 1 ] remote user-group memberships, [ 0 ] remote group-group memberships in [ 0ms ]
2012-07-19 12:05:53,822 QuartzWorker-1 INFO ServiceRunner     [directory.ldap.cache.AbstractCacheRefresher] found [ 0 ] remote user-group memberships, [ 0 ] remote group-group memberships in [ 0ms ]
2012-07-19 12:05:53,822 QuartzWorker-1 INFO ServiceRunner     [directory.ldap.cache.AbstractCacheRefresher] found [ 1 ] remote user-group memberships, [ 0 ] remote group-group memberships in [ 0ms ]
2012-07-19 12:05:53,822 QuartzWorker-1 INFO ServiceRunner     [directory.ldap.cache.AbstractCacheRefresher] found [ 4 ] remote user-group memberships, [ 0 ] remote group-group memberships in [ 0ms ]
2012-07-19 12:05:53,823 QuartzWorker-1 INFO ServiceRunner     [atlassian.crowd.directory.DbCachingRemoteChangeOperations] added [ 1 ] user members to [ Guardians of the Globe ] in [ 0ms ]
2012-07-19 12:05:53,823 QuartzWorker-1 INFO ServiceRunner     [directory.ldap.cache.AbstractCacheRefresher] Migrated memberships for [20] of [23] groups
2012-07-19 12:05:53,823 QuartzWorker-1 INFO ServiceRunner     [directory.ldap.cache.AbstractCacheRefresher] found [ 1 ] remote user-group memberships, [ 0 ] remote group-group memberships in [ 0ms ]
2012-07-19 12:05:53,824 QuartzWorker-1 INFO ServiceRunner     [directory.ldap.cache.AbstractCacheRefresher] found [ 3 ] remote user-group memberships, [ 0 ] remote group-group memberships in [ 0ms ]
2012-07-19 12:05:53,824 QuartzWorker-1 INFO ServiceRunner     [atlassian.crowd.directory.DbCachingRemoteChangeOperations] added [ 1 ] user members to [ Superman] in [ 0ms ]
2012-07-19 12:05:53,824 QuartzWorker-1 INFO ServiceRunner     [directory.ldap.cache.AbstractCacheRefresher] found [ 5 ] remote user-group memberships, [ 0 ] remote group-group memberships in [ 0ms ]
2012-07-19 12:05:53,825 QuartzWorker-1 INFO ServiceRunner     [atlassian.crowd.directory.DbCachingRemoteChangeOperations] added [ 1 ] user members to [ Kick Ass ] in [ 1ms ]
2012-07-19 12:05:53,825 QuartzWorker-1 INFO ServiceRunner     [atlassian.crowd.directory.DbCachingRemoteDirectory] FULL synchronisation complete in [ 186ms ]
2012-07-19 12:06:19,460 StreamsCompletionService::thread-173 WARN anonymous    com.atlassian.streams.internal.ActivityProviderConnectionMonitorImpl:activityProvid
      To Replicate

      This can be replicated multiple ways across products - please see CWD-2854 & CONF-25646 for further information.

      Workaround
      1. Schedule a downtime window, as users will be unable to login during these changes.
      2. Log in as an administrator within the JIRA Internal Directory. If one does not exist, create it.
      3. Disable the problematic User Directory.
      4. Create a new User Directory within JIRA, using the same settings as the old one.
      5. Test the synchronisation and ensure that synchronisation completes successfully. If so, use this new directory.

      If you have a User Directory set up with the Read Only, with Local Groups permission settings you will no longer have the local groups set up in the database when the user directory is disabled. The project roles will not be affected.

      If you are using Microsoft AD, you can try to use the adsiedit.msc to change the SAMAccountName attribute for the users to lowercase in the LDAP.

      Attachments

        Issue Links

          causes

          Bug - A problem which impairs or prevents the functions of the product. CWD-3900 Mixed case group names breaks the connection between JIRA and LDAP for User Management

          • Medium - Medium priority issues
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. JRASERVER-36424 Mixed case group names breaks the connection between JIRA and LDAP for User Management

          • Medium - Medium priority issues
          • Closed
          is related to

          Bug - A problem which impairs or prevents the functions of the product. JRASERVER-29054 JIRA using mixed-case username from LDAP

          • High - High priority issues
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. CWD-2854 Mixed case with LDAP, couldn't synchronize users and groups

          • Medium - Medium priority issues
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. CONFSERVER-25646 Mixed case usernames can break connection between Confluence and JIRA for User Management

          • Low - Low priority issues
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. JRASERVER-62234 Mixed case group names on LDAP for User Management still throws error in Log

          • Low - Low priority issues
          • Gathering Impact
          is incorporated by

          JRADEV-11821 Loading...

          mentioned in

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Wiki Page Loading...

          Activity

            People

              mhenderson Marty Henderson (Inactive)
              dcurrie@atlassian.com Dave C
              Votes:
              10 Vote for this issue
              Watchers:
              36 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: