javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031001CD, problem 2001 (NO_OBJECT), data 0, best match of: 'OU=sydney,OU=australia,OU=oceania,OU=ABC,DC=COMMON,DC=AU,DC=UUJT,DC=DOMAIN,DC=com' remaining name 'cn=John.Smith,ou=1122,ou=users,OU=ABC,DC=COMMON,DC=AU,DC=UUJT,DC=DOMAIN,DC=com'

Atlassian JIRA | Renan Battaglin | 7 years ago
  1. 0

    Currently the [Crowd LDAP Caching documentation|http://confluence.atlassian.com/display/CROWD/Configuring+Caching+for+an+LDAP+Directory] states: {quote} Limitations ... *Renaming objects is not supported.* — If the DN of an object is changed externally, the cache will be out of date until flushed. {quote} If an object is changed using an external tool, Crowd will report the following in the logs: {noformat} 2009-11-16 16:55:46,911 http-8095-Processor24 ERROR [codehaus.xfire.handler.DefaultFaultHandler] Fault occurred! org.springframework.ldap.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031001CD, problem 2001 (NO_OBJECT), data 0, best match of: 'OU=sydney,OU=australia,OU=oceania,OU=ABC,DC=COMMON,DC=AU,DC=UUJT,DC=DOMAIN,DC=com' nested exception is javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031001CD, problem 2001 (NO_OBJECT), data 0, best match of: 'OU=sydney,OU=australia,OU=oceania,OU=ABC,DC=COMMON,DC=AU,DC=UUJT,DC=DOMAIN,DC=com' remaining name 'cn=John.Smith,ou=1122,ou=users,OU=ABC,DC=COMMON,DC=AU,DC=UUJT,DC=DOMAIN,DC=com' at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:171) at org.springframework.ldap.core.LdapTemplate.executeWithContext(LdapTemplate.java:800) at org.springframework.ldap.core.LdapTemplate.executeReadOnly(LdapTemplate.java:783) at org.springframework.ldap.core.LdapTemplate.lookup(LdapTemplate.java:881) at com.atlassian.crowd.integration.directory.connector.SpringLDAPConnector.findEntityByDN(SpringLDAPConnector.java:994) at com.atlassian.crowd.integration.directory.cache.CachingLDAPDirectory.findEntityIdentifierFromDN(CachingLDAPDirectory.java:220) at com.atlassian.crowd.integration.directory.cache.CachingLDAPDirectory.findGroupAndDirectMembersByName(CachingLDAPDirectory.java:331) at com.atlassian.crowd.integration.directory.cache.CachingLDAPDirectory.findGroupByName(CachingLDAPDirectory.java:451) at com.atlassian.crowd.integration.directory.cache.CachingLDAPDirectory.findGroupByName(CachingLDAPDirectory.java:470) at com.atlassian.crowd.manager.application.ApplicationServiceGeneric.findGroupByName(ApplicationServiceGeneric.java:654) {noformat} A better implementation would consider: 1. The time necessary to synchronize the Forest Domains 2. If the Full DN can't be found, search for the object CN or Simplified DN (John.Smith@ad.domain.com) 3. Show to the Admin what are the cache inconsistencies so that he can flush the cache or force a Domain Sync.

    Atlassian JIRA | 7 years ago | Renan Battaglin
    javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031001CD, problem 2001 (NO_OBJECT), data 0, best match of: 'OU=sydney,OU=australia,OU=oceania,OU=ABC,DC=COMMON,DC=AU,DC=UUJT,DC=DOMAIN,DC=com' remaining name 'cn=John.Smith,ou=1122,ou=users,OU=ABC,DC=COMMON,DC=AU,DC=UUJT,DC=DOMAIN,DC=com'
  2. 0

    Currently the [Crowd LDAP Caching documentation|http://confluence.atlassian.com/display/CROWD/Configuring+Caching+for+an+LDAP+Directory] states: {quote} Limitations ... *Renaming objects is not supported.* — If the DN of an object is changed externally, the cache will be out of date until flushed. {quote} If an object is changed using an external tool, Crowd will report the following in the logs: {noformat} 2009-11-16 16:55:46,911 http-8095-Processor24 ERROR [codehaus.xfire.handler.DefaultFaultHandler] Fault occurred! org.springframework.ldap.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031001CD, problem 2001 (NO_OBJECT), data 0, best match of: 'OU=sydney,OU=australia,OU=oceania,OU=ABC,DC=COMMON,DC=AU,DC=UUJT,DC=DOMAIN,DC=com' nested exception is javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031001CD, problem 2001 (NO_OBJECT), data 0, best match of: 'OU=sydney,OU=australia,OU=oceania,OU=ABC,DC=COMMON,DC=AU,DC=UUJT,DC=DOMAIN,DC=com' remaining name 'cn=John.Smith,ou=1122,ou=users,OU=ABC,DC=COMMON,DC=AU,DC=UUJT,DC=DOMAIN,DC=com' at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:171) at org.springframework.ldap.core.LdapTemplate.executeWithContext(LdapTemplate.java:800) at org.springframework.ldap.core.LdapTemplate.executeReadOnly(LdapTemplate.java:783) at org.springframework.ldap.core.LdapTemplate.lookup(LdapTemplate.java:881) at com.atlassian.crowd.integration.directory.connector.SpringLDAPConnector.findEntityByDN(SpringLDAPConnector.java:994) at com.atlassian.crowd.integration.directory.cache.CachingLDAPDirectory.findEntityIdentifierFromDN(CachingLDAPDirectory.java:220) at com.atlassian.crowd.integration.directory.cache.CachingLDAPDirectory.findGroupAndDirectMembersByName(CachingLDAPDirectory.java:331) at com.atlassian.crowd.integration.directory.cache.CachingLDAPDirectory.findGroupByName(CachingLDAPDirectory.java:451) at com.atlassian.crowd.integration.directory.cache.CachingLDAPDirectory.findGroupByName(CachingLDAPDirectory.java:470) at com.atlassian.crowd.manager.application.ApplicationServiceGeneric.findGroupByName(ApplicationServiceGeneric.java:654) {noformat} A better implementation would consider: 1. The time necessary to synchronize the Forest Domains 2. If the Full DN can't be found, search for the object CN or Simplified DN (John.Smith@ad.domain.com) 3. Show to the Admin what are the cache inconsistencies so that he can flush the cache or force a Domain Sync.

    Atlassian JIRA | 7 years ago | Renan Battaglin
    javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031001CD, problem 2001 (NO_OBJECT), data 0, best match of: 'OU=sydney,OU=australia,OU=oceania,OU=ABC,DC=COMMON,DC=AU,DC=UUJT,DC=DOMAIN,DC=com' remaining name 'cn=John.Smith,ou=1122,ou=users,OU=ABC,DC=COMMON,DC=AU,DC=UUJT,DC=DOMAIN,DC=com'
  3. 0

    h4. Symptoms If using an incremental sync, and on the directory server the location of a group is changed, then on the next sync, it will fail. This affects Crowd, and all applications using Embedded Crowd. An error like below will be shown in the logs: {code:none} 2013-09-09 14:49:36,754 scheduler_Worker-8 ERROR [atlassian.crowd.directory.DbCachingRemoteDirectory] Incremental synchronisation was unexpectedly interrupted, falling back to a full synchronisation org.springframework.ldap.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031001CD, problem 2001 (NO_OBJECT), data 0, best match of: 'OU=Groups,DC=sydney,DC=atlassian,DC=com' ]; nested exception is javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031001CD, problem 2001 (NO_OBJECT), data 0, best match of: 'OU=Groups,DC=sydney,DC=atlassian,DC=com' ]; remaining name 'cn=another test,ou=groups,dc=sydney,dc=atlassian,dc=com' at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:174) at org.springframework.ldap.core.LdapTemplate.executeWithContext(LdapTemplate.java:810) at org.springframework.ldap.core.LdapTemplate.executeReadOnly(LdapTemplate.java:793) at org.springframework.ldap.core.LdapTemplate.lookup(LdapTemplate.java:935) at com.atlassian.crowd.directory.ldap.LdapTemplateWithClassLoaderWrapper$9.call(LdapTemplateWithClassLoaderWrapper.java:159) at com.atlassian.crowd.directory.ldap.LdapTemplateWithClassLoaderWrapper.invokeWithContextClassLoader(LdapTemplateWithClassLoaderWrapper.java:54) at com.atlassian.crowd.directory.ldap.LdapTemplateWithClassLoaderWrapper.lookup(LdapTemplateWithClassLoaderWrapper.java:155) at com.atlassian.crowd.directory.RFC4519Directory.findDirectMembersOfGroup(RFC4519Directory.java:898) at com.atlassian.crowd.directory.RFC4519DirectoryMembershipsIterable$2.apply(RFC4519DirectoryMembershipsIterable.java:77) at com.atlassian.crowd.directory.RFC4519DirectoryMembershipsIterable$2.apply(RFC4519DirectoryMembershipsIterable.java:69) at com.google.common.collect.Iterators$8.next(Iterators.java:782) at com.atlassian.crowd.directory.ldap.cache.AbstractCacheRefresher.synchroniseMemberships(AbstractCacheRefresher.java:126) at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher.synchroniseGroupChanges(UsnChangedCacheRefresher.java:258) at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher.synchroniseChanges(UsnChangedCacheRefresher.java:81) at com.atlassian.crowd.directory.DbCachingRemoteDirectory.synchroniseCache(DbCachingRemoteDirectory.java:629) at com.atlassian.crowd.manager.directory.DirectorySynchroniserImpl.synchronise(DirectorySynchroniserImpl.java:63) at com.atlassian.crowd.directory.DbCachingDirectoryPoller.pollChanges(DbCachingDirectoryPoller.java:50) at com.atlassian.crowd.manager.directory.monitor.poller.DirectoryPollerJobBean.executeInternal(DirectoryPollerJobBean.java:29) at org.springframework.scheduling.quartz.QuartzJobBean.execute(QuartzJobBean.java:113) at org.quartz.core.JobRunShell.run(JobRunShell.java:203) at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:520) Caused by: javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031001CD, problem 2001 (NO_OBJECT), data 0, best match of: 'OU=Groups,DC=sydney,DC=atlassian,DC=com' ]; remaining name 'cn=another test,ou=groups,dc=sydney,dc=atlassian,dc=com' at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3092) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3013) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2820) at com.sun.jndi.ldap.LdapCtx.c_getAttributes(LdapCtx.java:1312) at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_getAttributes(ComponentDirContext.java:213) at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:121) at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:133) at sun.reflect.GeneratedMethodAccessor342.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.springframework.ldap.transaction.compensating.manager.TransactionAwareDirContextInvocationHandler.invoke(TransactionAwareDirContextInvocationHandler.java:92) at com.sun.proxy.$Proxy154.getAttributes(Unknown Source) at org.springframework.ldap.core.LdapTemplate$17.executeWithContext(LdapTemplate.java:937) at org.springframework.ldap.core.LdapTemplate.executeWithContext(LdapTemplate.java:807) ... 19 more {code} h4. Workaround Use any version of Crowd that includes [CWD-3188|https://jira.atlassian.com/browse/CWD-3188], so that a failed incremental sync will fall back to a full sync.

    Atlassian JIRA | 3 years ago | David Mason
    javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031001CD, problem 2001 (NO_OBJECT), data 0, best match of: 'OU=Groups,DC=sydney,DC=atlassian,DC=com' ]; remaining name 'cn=another test,ou=groups,dc=sydney,dc=atlassian,dc=com'
  4. Speed up your debug routine!

    Automated exception search integrated into your IDE

  5. 0

    Adding group to User on AD Error

    Oracle Community | 5 years ago | Shashi Kiran
    javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031001CD, problem 2001 (NO_OBJECT), data 0, best match of: 'OU=Accounts,OU=BAND,DC=def,DC=abc,DC=com' ]; remaining name 'CN=Domain Users,CN=Users,OU=Accounts,OU=BAND,DC=def,DC=abc,DC=com'
  6. 0

    [CWD-1339] If baseDN is not the root of the tree, deleted objects detection does not work - Atlassian JIRA

    atlassian.com | 1 year ago
    javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031001E4, problem 2001 (NO_OBJECT), data 0, best match of: 'OU=child-0,OU=Bulk,OU=Test,DC=dc-one,DC=crowd,DC=sydney,DC=atlassian,DC=com' ]; remaining name 'CN=Deleted Objects,ou=child-0,ou=Bulk,ou=Test,dc=dc-one, dc=crowd, dc=sydney, dc=atlassian, dc=com'

    Not finding the right solution?
    Take a tour to get the most out of Samebug.

    Tired of useless tips?

    Automated exception search integrated into your IDE

    Root Cause Analysis

    1. javax.naming.NameNotFoundException

      [LDAP: error code 32 - 0000208D: NameErr: DSID-031001CD, problem 2001 (NO_OBJECT), data 0, best match of: 'OU=sydney,OU=australia,OU=oceania,OU=ABC,DC=COMMON,DC=AU,DC=UUJT,DC=DOMAIN,DC=com' remaining name 'cn=John.Smith,ou=1122,ou=users,OU=ABC,DC=COMMON,DC=AU,DC=UUJT,DC=DOMAIN,DC=com'

      at org.springframework.ldap.support.LdapUtils.convertLdapException()
    2. spring-ldap-core
      LdapTemplate.lookup
      1. org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:171)
      2. org.springframework.ldap.core.LdapTemplate.executeWithContext(LdapTemplate.java:800)
      3. org.springframework.ldap.core.LdapTemplate.executeReadOnly(LdapTemplate.java:783)
      4. org.springframework.ldap.core.LdapTemplate.lookup(LdapTemplate.java:881)
      4 frames
    3. com.atlassian.crowd
      ApplicationServiceGeneric.findGroupByName
      1. com.atlassian.crowd.integration.directory.connector.SpringLDAPConnector.findEntityByDN(SpringLDAPConnector.java:994)
      2. com.atlassian.crowd.integration.directory.cache.CachingLDAPDirectory.findEntityIdentifierFromDN(CachingLDAPDirectory.java:220)
      3. com.atlassian.crowd.integration.directory.cache.CachingLDAPDirectory.findGroupAndDirectMembersByName(CachingLDAPDirectory.java:331)
      4. com.atlassian.crowd.integration.directory.cache.CachingLDAPDirectory.findGroupByName(CachingLDAPDirectory.java:451)
      5. com.atlassian.crowd.integration.directory.cache.CachingLDAPDirectory.findGroupByName(CachingLDAPDirectory.java:470)
      6. com.atlassian.crowd.manager.application.ApplicationServiceGeneric.findGroupByName(ApplicationServiceGeneric.java:654)
      6 frames