javax.naming.InvalidNameException: cn=ut40uat-hsmain-ext cnf:42e39380-4839-4ecb-bf4c-707141604142,ou=xxxx-xxxx,ou=xxx,ou=xxxx-xxxx,dc=xxxx,dc=xx: [LDAP: error code 34 - 0000208F: NameErr: DSID-031001F7, problem 2006 (BAD_NAME), data 8349, best match of: 'cn=xxxx-xxxx-xxx cnf:42e39380-4839-4ecb-bf4c-707141604142,ou=xxxx-xxxx,ou=xxx,ou=xxxx-xxxx,dc=xxxx,dc=xx ]; remaining name 'cn=xxxxx-xxxx-xxx cnf:42e39380-4839-4ecb-bf4c-707141604142,ou=xxxx-xxxx,ou=xxx,ou=xxxx-xxxx,dc=xxxx,dc=xx'

Atlassian JIRA | Saleh Parsa [Atlassian] | 2 years ago
tip
Your exception is missing from the Samebug knowledge base.
Here are the best solutions we found on the Internet.
Click on the to mark the helpful solution and get rewards for you help.
  1. 0

    Confluence throws following when syncing with LDAP directories containing CNF attributes: {code} cnf:42e39380-4839-4ecb-bf4c-707141604142,ou=xxxx-xxxx,ou=xxx,ou=xxxx-xxxx,dc=xxxx,dc=xx: [LDAP: error code 34 - 0000208F: NameErr: DSID-031001F7, problem 2006 (BAD_NAME), data 8349, best match of: 'cn=ut40uat-hsmain-ext cnf:42e39380-4839-4ecb-bf4c-707141604142,ou=xxxx-xxxx,ou=xxx,ou=xxxx-xxxx,dc=xxxx,dc=xx' ]; nested exception is javax.naming.InvalidNameException: cn=ut40uat-hsmain-ext cnf:42e39380-4839-4ecb-bf4c-707141604142,ou=xxxx-xxxx,ou=xxx,ou=xxxx-xxxx,dc=xxxx,dc=xx: [LDAP: error code 34 - 0000208F: NameErr: DSID-031001F7, problem 2006 (BAD_NAME), data 8349, best match of: 'cn=xxxx-xxxx-xxx cnf:42e39380-4839-4ecb-bf4c-707141604142,ou=xxxx-xxxx,ou=xxx,ou=xxxx-xxxx,dc=xxxx,dc=xx ]; remaining name 'cn=xxxxx-xxxx-xxx cnf:42e39380-4839-4ecb-bf4c-707141604142,ou=xxxx-xxxx,ou=xxx,ou=xxxx-xxxx,dc=xxxx,dc=xx' at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:136) {code} According to this [Microsoft KB|http://msdn.microsoft.com/en-us/library/bb727059.aspx#EAAA]: {quote} Active Directory supports multimaster replication of directory objects between all domain controllers in the domain. When replication of objects results in name conflicts (two objects have the same name within the same container), the system automatically renames one of these accounts to a unique name. For example, object ABC is renamed to be *CNF:guid, where "*" represents a reserved character, "CNF" is a constant that indicates a conflict resolution, and "guid" represents a printable representation of the objectGuid attribute value. {quote} So the CNF is created when there is a conflict in the replication of the domain controllers and there are duplicated objects. Confluence should gracefully handle this error. h6. Workaround: 1) Ask the LDAP administrator to remove the duplicated groups or users from the LDAP and make sure there are no other conflicts before syncing. 2) Create a filter for the users and groups objects to avoid syncing with objects that have cnf attributes. {code} Should become something like: (&(objectClass=group)(!(cnf:*))) OR (&(objectClass=group)(!(cn=cnf:))) {code} Check here for additional details on [LDAP filters.|https://confluence.atlassian.com/display/DEV/How+to+write+LDAP+search+filters]

    Atlassian JIRA | 2 years ago | Saleh Parsa [Atlassian]
    javax.naming.InvalidNameException: cn=ut40uat-hsmain-ext cnf:42e39380-4839-4ecb-bf4c-707141604142,ou=xxxx-xxxx,ou=xxx,ou=xxxx-xxxx,dc=xxxx,dc=xx: [LDAP: error code 34 - 0000208F: NameErr: DSID-031001F7, problem 2006 (BAD_NAME), data 8349, best match of: 'cn=xxxx-xxxx-xxx cnf:42e39380-4839-4ecb-bf4c-707141604142,ou=xxxx-xxxx,ou=xxx,ou=xxxx-xxxx,dc=xxxx,dc=xx ]; remaining name 'cn=xxxxx-xxxx-xxx cnf:42e39380-4839-4ecb-bf4c-707141604142,ou=xxxx-xxxx,ou=xxx,ou=xxxx-xxxx,dc=xxxx,dc=xx'
  2. 0

    Hi, reference to question https://answers.atlassian.com/questions/11961357/ad-synchronisation-fails We are having issues with syncing are AD server. It seems like the some entries have the special char "\0A" in cn (new line i guess) which causes the following exception, part1cn(before new line) part2cn(after new line). I understand that this entry is bad but I expect Stash/Crowed to ignore this entry and continue the sync. Does this exception causes the sync to halt? if it does is it possible to ignore this entry and continue the sync if it doesn't, maybe "Synchronisation failed" should be rephrased to "Synchronisation completed with errors" ? Looks like this weird cn names is how Active directory is handling duplicate entries http://social.technet.microsoft.com/wiki/contents/articles/15435.active-directory-duplicate-object-name-resolution.aspx#When_a_Duplicate_RDN_in_an_OU_or_Container_is_Detected Our SonarQube, Subversion Edge and Jenkins can handle this bad entries perfectly fine but Stash have trouble with it. Thanks in advance {noformat} 2014-12-22 15:40:47,007 ERROR [clusterScheduler_Worker-2] c.a.c.d.DbCachingDirectoryPoller Error occurred while refreshing the cache for directory [ 1572865 ]. org.springframework.ldap.InvalidNameException: cn=part1cn part2cn,ou=groups,ou=someou,ou=cci,dc=corp,dc=bla,dc=com: [LDAP: error code 34 - 0000208F: NameErr: DSID-031001BA, problem 2006 (BAD_NAME), data 8349, best match of: 'cn=part1cn part2cn,ou=groups,ou=someou,ou=cci,dc=corp,dc=bla,dc=com' ^@]; nested exception is javax.naming.InvalidNameException: cn=part1cn part2cn,ou=groups,ou=someou,ou=cci,dc=corp,dc=bla,dc=com: [LDAP: error code 34 - 0000208F: NameErr: DSID-031001BA, problem 2006 (BAD_NAME), data 8349, best match of: 'cn=part1cn part2cn,ou=groups,ou=someou,ou=cci,dc=corp,dc=bla,dc=com' ^@]; remaining name 'cn=part1cn part2cn,ou=groups,ou=someou,ou=cci,dc=corp,dc=bla,dc=com' at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:136) ~[LdapUtils.class:2.0.2.RELEASE] at org.springframework.ldap.core.LdapTemplate.executeWithContext(LdapTemplate.java:820) ~[LdapTemplate.class:2.0.2.RELEASE] at org.springframework.ldap.core.LdapTemplate.executeReadOnly(LdapTemplate.java:803) ~[LdapTemplate.class:2.0.2.RELEASE] at org.springframework.ldap.core.LdapTemplate.lookup(LdapTemplate.java:935) ~[LdapTemplate.class:2.0.2.RELEASE] at com.atlassian.crowd.directory.ldap.SpringLdapTemplateWrapper$9.timedCall(SpringLdapTemplateWrapper.java:286) ~[SpringLdapTemplateWrapper$9.class:na] at com.atlassian.crowd.directory.ldap.SpringLdapTemplateWrapper$TimedCallable.call(SpringLdapTemplateWrapper.java:124) ~[SpringLdapTemplateWrapper$TimedCallable.class:na] at com.atlassian.crowd.directory.ldap.SpringLdapTemplateWrapper.invokeWithContextClassLoader(SpringLdapTemplateWrapper.java:87) ~[SpringLdapTemplateWrapper.class:na] at com.atlassian.crowd.directory.ldap.SpringLdapTemplateWrapper.lookup(SpringLdapTemplateWrapper.java:282) ~[SpringLdapTemplateWrapper.class:na] at com.atlassian.crowd.directory.RFC4519Directory.findDirectMembersOfGroup(RFC4519Directory.java:959) ~[RFC4519Directory.class:na] at com.atlassian.crowd.directory.MicrosoftActiveDirectory.findDirectMembersOfGroup(MicrosoftActiveDirectory.java:516) ~[MicrosoftActiveDirectory.class:na] at com.atlassian.crowd.directory.RFC4519DirectoryMembershipsIterable$2.apply(RFC4519DirectoryMembershipsIterable.java:78) ~[RFC4519DirectoryMembershipsIterable$2.class:na] at com.atlassian.crowd.directory.RFC4519DirectoryMembershipsIterable$2.apply(RFC4519DirectoryMembershipsIterable.java:70) ~[RFC4519DirectoryMembershipsIterable$2.class:na] at com.google.common.collect.Iterators$8.next(Iterators.java:812) ~[Iterators$8.class:na] at com.atlassian.crowd.directory.ldap.cache.AbstractCacheRefresher.synchroniseMemberships(AbstractCacheRefresher.java:196) ~[AbstractCacheRefresher.class:na] at com.atlassian.crowd.directory.ldap.cache.AbstractCacheRefresher.synchroniseAll(AbstractCacheRefresher.java:98) ~[AbstractCacheRefresher.class:na] at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher.synchroniseAll(UsnChangedCacheRefresher.java:161) ~[UsnChangedCacheRefresher.class:na] at com.atlassian.crowd.directory.DbCachingRemoteDirectory.synchroniseCache(DbCachingRemoteDirectory.java:1122) ~[DbCachingRemoteDirectory.class:na] at com.atlassian.crowd.manager.directory.DirectorySynchroniserImpl.synchronise(DirectorySynchroniserImpl.java:76) ~[DirectorySynchroniserImpl.class:na] at com.atlassian.crowd.directory.DbCachingDirectoryPoller.pollChanges(DbCachingDirectoryPoller.java:50) ~[DbCachingDirectoryPoller.class:na] at com.atlassian.crowd.manager.directory.monitor.poller.DirectoryPollerJobRunner.runJob(DirectoryPollerJobRunner.java:93) [DirectoryPollerJobRunner.class:na] at com.atlassian.scheduler.core.JobLauncher.runJob(JobLauncher.java:135) [JobLauncher.class:na] at com.atlassian.scheduler.core.JobLauncher.launchAndBuildResponse(JobLauncher.java:101) [JobLauncher.class:na] at com.atlassian.scheduler.core.JobLauncher.launch(JobLauncher.java:80) [JobLauncher.class:na] at com.atlassian.scheduler.quartz2.Quartz2Job.execute(Quartz2Job.java:32) [Quartz2Job.class:na] at org.quartz.core.JobRunShell.run(JobRunShell.java:202) [JobRunShell.class:na] at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:573) [SimpleThreadPool$WorkerThread.class:na] ... 12 frames trimmed Caused by: javax.naming.InvalidNameException: cn=part1cn {noformat}

    Atlassian JIRA | 2 years ago | Idan Bidani
    javax.naming.InvalidNameException: cn=part1cn part2cn,ou=groups,ou=someou,ou=cci,dc=corp,dc=bla,dc=com: [LDAP: error code 34 - 0000208F: NameErr: DSID-031001BA, problem 2006 (BAD_NAME), data 8349, best match of: 'cn=part1cn part2cn,ou=groups,ou=someou,ou=cci,dc=corp,dc=bla,dc=com' ^@]; remaining name 'cn=part1cn part2cn,ou=groups,ou=someou,ou=cci,dc=corp,dc=bla,dc=com'
  3. 0

    Hi, reference to question https://answers.atlassian.com/questions/11961357/ad-synchronisation-fails We are having issues with syncing are AD server. It seems like the some entries have the special char "\0A" in cn (new line i guess) which causes the following exception, part1cn(before new line) part2cn(after new line). I understand that this entry is bad but I expect Stash/Crowed to ignore this entry and continue the sync. Does this exception causes the sync to halt? if it does is it possible to ignore this entry and continue the sync if it doesn't, maybe "Synchronisation failed" should be rephrased to "Synchronisation completed with errors" ? Looks like this weird cn names is how Active directory is handling duplicate entries http://social.technet.microsoft.com/wiki/contents/articles/15435.active-directory-duplicate-object-name-resolution.aspx#When_a_Duplicate_RDN_in_an_OU_or_Container_is_Detected Our SonarQube, Subversion Edge and Jenkins can handle this bad entries perfectly fine but Stash have trouble with it. Thanks in advance {noformat} 2014-12-22 15:40:47,007 ERROR [clusterScheduler_Worker-2] c.a.c.d.DbCachingDirectoryPoller Error occurred while refreshing the cache for directory [ 1572865 ]. org.springframework.ldap.InvalidNameException: cn=part1cn part2cn,ou=groups,ou=someou,ou=cci,dc=corp,dc=bla,dc=com: [LDAP: error code 34 - 0000208F: NameErr: DSID-031001BA, problem 2006 (BAD_NAME), data 8349, best match of: 'cn=part1cn part2cn,ou=groups,ou=someou,ou=cci,dc=corp,dc=bla,dc=com' ^@]; nested exception is javax.naming.InvalidNameException: cn=part1cn part2cn,ou=groups,ou=someou,ou=cci,dc=corp,dc=bla,dc=com: [LDAP: error code 34 - 0000208F: NameErr: DSID-031001BA, problem 2006 (BAD_NAME), data 8349, best match of: 'cn=part1cn part2cn,ou=groups,ou=someou,ou=cci,dc=corp,dc=bla,dc=com' ^@]; remaining name 'cn=part1cn part2cn,ou=groups,ou=someou,ou=cci,dc=corp,dc=bla,dc=com' at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:136) ~[LdapUtils.class:2.0.2.RELEASE] at org.springframework.ldap.core.LdapTemplate.executeWithContext(LdapTemplate.java:820) ~[LdapTemplate.class:2.0.2.RELEASE] at org.springframework.ldap.core.LdapTemplate.executeReadOnly(LdapTemplate.java:803) ~[LdapTemplate.class:2.0.2.RELEASE] at org.springframework.ldap.core.LdapTemplate.lookup(LdapTemplate.java:935) ~[LdapTemplate.class:2.0.2.RELEASE] at com.atlassian.crowd.directory.ldap.SpringLdapTemplateWrapper$9.timedCall(SpringLdapTemplateWrapper.java:286) ~[SpringLdapTemplateWrapper$9.class:na] at com.atlassian.crowd.directory.ldap.SpringLdapTemplateWrapper$TimedCallable.call(SpringLdapTemplateWrapper.java:124) ~[SpringLdapTemplateWrapper$TimedCallable.class:na] at com.atlassian.crowd.directory.ldap.SpringLdapTemplateWrapper.invokeWithContextClassLoader(SpringLdapTemplateWrapper.java:87) ~[SpringLdapTemplateWrapper.class:na] at com.atlassian.crowd.directory.ldap.SpringLdapTemplateWrapper.lookup(SpringLdapTemplateWrapper.java:282) ~[SpringLdapTemplateWrapper.class:na] at com.atlassian.crowd.directory.RFC4519Directory.findDirectMembersOfGroup(RFC4519Directory.java:959) ~[RFC4519Directory.class:na] at com.atlassian.crowd.directory.MicrosoftActiveDirectory.findDirectMembersOfGroup(MicrosoftActiveDirectory.java:516) ~[MicrosoftActiveDirectory.class:na] at com.atlassian.crowd.directory.RFC4519DirectoryMembershipsIterable$2.apply(RFC4519DirectoryMembershipsIterable.java:78) ~[RFC4519DirectoryMembershipsIterable$2.class:na] at com.atlassian.crowd.directory.RFC4519DirectoryMembershipsIterable$2.apply(RFC4519DirectoryMembershipsIterable.java:70) ~[RFC4519DirectoryMembershipsIterable$2.class:na] at com.google.common.collect.Iterators$8.next(Iterators.java:812) ~[Iterators$8.class:na] at com.atlassian.crowd.directory.ldap.cache.AbstractCacheRefresher.synchroniseMemberships(AbstractCacheRefresher.java:196) ~[AbstractCacheRefresher.class:na] at com.atlassian.crowd.directory.ldap.cache.AbstractCacheRefresher.synchroniseAll(AbstractCacheRefresher.java:98) ~[AbstractCacheRefresher.class:na] at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher.synchroniseAll(UsnChangedCacheRefresher.java:161) ~[UsnChangedCacheRefresher.class:na] at com.atlassian.crowd.directory.DbCachingRemoteDirectory.synchroniseCache(DbCachingRemoteDirectory.java:1122) ~[DbCachingRemoteDirectory.class:na] at com.atlassian.crowd.manager.directory.DirectorySynchroniserImpl.synchronise(DirectorySynchroniserImpl.java:76) ~[DirectorySynchroniserImpl.class:na] at com.atlassian.crowd.directory.DbCachingDirectoryPoller.pollChanges(DbCachingDirectoryPoller.java:50) ~[DbCachingDirectoryPoller.class:na] at com.atlassian.crowd.manager.directory.monitor.poller.DirectoryPollerJobRunner.runJob(DirectoryPollerJobRunner.java:93) [DirectoryPollerJobRunner.class:na] at com.atlassian.scheduler.core.JobLauncher.runJob(JobLauncher.java:135) [JobLauncher.class:na] at com.atlassian.scheduler.core.JobLauncher.launchAndBuildResponse(JobLauncher.java:101) [JobLauncher.class:na] at com.atlassian.scheduler.core.JobLauncher.launch(JobLauncher.java:80) [JobLauncher.class:na] at com.atlassian.scheduler.quartz2.Quartz2Job.execute(Quartz2Job.java:32) [Quartz2Job.class:na] at org.quartz.core.JobRunShell.run(JobRunShell.java:202) [JobRunShell.class:na] at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:573) [SimpleThreadPool$WorkerThread.class:na] ... 12 frames trimmed Caused by: javax.naming.InvalidNameException: cn=part1cn {noformat}

    Atlassian JIRA | 2 years ago | Idan Bidani
    javax.naming.InvalidNameException: cn=part1cn part2cn,ou=groups,ou=someou,ou=cci,dc=corp,dc=bla,dc=com: [LDAP: error code 34 - 0000208F: NameErr: DSID-031001BA, problem 2006 (BAD_NAME), data 8349, best match of: 'cn=part1cn part2cn,ou=groups,ou=someou,ou=cci,dc=corp,dc=bla,dc=com' ^@]; remaining name 'cn=part1cn part2cn,ou=groups,ou=someou,ou=cci,dc=corp,dc=bla,dc=com'
  4. Speed up your debug routine!

    Automated exception search integrated into your IDE

    Root Cause Analysis

    1. javax.naming.InvalidNameException

      cn=ut40uat-hsmain-ext cnf:42e39380-4839-4ecb-bf4c-707141604142,ou=xxxx-xxxx,ou=xxx,ou=xxxx-xxxx,dc=xxxx,dc=xx: [LDAP: error code 34 - 0000208F: NameErr: DSID-031001F7, problem 2006 (BAD_NAME), data 8349, best match of: 'cn=xxxx-xxxx-xxx cnf:42e39380-4839-4ecb-bf4c-707141604142,ou=xxxx-xxxx,ou=xxx,ou=xxxx-xxxx,dc=xxxx,dc=xx ]; remaining name 'cn=xxxxx-xxxx-xxx cnf:42e39380-4839-4ecb-bf4c-707141604142,ou=xxxx-xxxx,ou=xxx,ou=xxxx-xxxx,dc=xxxx,dc=xx'

      at org.springframework.ldap.support.LdapUtils.convertLdapException()
    2. spring-ldap-core
      LdapUtils.convertLdapException
      1. org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:136)
      1 frame