com.atlassian.crowd.exception.OperationFailedException: org.springframework.ldap.UncategorizedLdapException: Unable to find the groupname of the principal.

Atlassian JIRA | Tim Wong [Atlassian] | 5 years ago
  1. 0

    Steps to reproduce: 1. Create base case of Confluence (I used Confluence 3.5.1, but I'm confident that this affects all current versions of 3.5.x+) 2. Create a record in LDAP-- LDIF attached to ticket (asdf.ldif) 3. User directory > Add this ldap as a read-only with local groups. Sync fails with this error: {code} 2011-07-05 11:58:00,635 INFO [QuartzScheduler_Worker-8] [atlassian.crowd.directory.DbCachingRemoteDirectoryCache] deleteCachedUsersNotIn scanned for deleted users in [ 1ms ] 2011-07-05 11:58:00,645 INFO [QuartzScheduler_Worker-8] [directory.ldap.util.DirectoryAttributeRetriever] getValueFromAttributes Unsafe or Blank attribute value for attribute <cn>: '^Zasdf'. 2011-07-05 11:58:00,646 FATAL [QuartzScheduler_Worker-8] [ldap.mapper.entity.LDAPGroupAttributesMapper] getGroupNameFromAttributes The following record does not have a groupname: {objectclass=objectClass: groupOfUniqueNames, top, uniquemember=uniquemember: cn=foobar,ou=people,o=sevenSeas, cn=cn: ^Zasdf} 2011-07-05 11:58:00,646 INFO [QuartzScheduler_Worker-8] [atlassian.crowd.directory.DbCachingRemoteDirectory] synchroniseCache synchronisation complete in [ 1039ms ] 2011-07-05 11:58:00,671 ERROR [QuartzScheduler_Worker-8] [atlassian.crowd.directory.DbCachingDirectoryPoller] pollChanges Error occurred while refreshing the cache for directory [ 327682 ]. com.atlassian.crowd.exception.OperationFailedException: org.springframework.ldap.UncategorizedLdapException: Unable to find the groupname of the principal. at com.atlassian.crowd.directory.SpringLDAPConnector.searchEntitiesWithRequestControls(SpringLDAPConnector.java:405) at com.atlassian.crowd.directory.SpringLDAPConnector.searchEntities(SpringLDAPConnector.java:370) at com.atlassian.crowd.directory.SpringLDAPConnector.searchGroupObjectsOfSpecifiedGroupType(SpringLDAPConnector.java:1094) at com.atlassian.crowd.directory.SpringLDAPConnector.searchGroupObjects(SpringLDAPConnector.java:1144) {code} The origin of this case traces back to korean characters in the cn of an Active Directory group reference.

    Atlassian JIRA | 5 years ago | Tim Wong [Atlassian]
    com.atlassian.crowd.exception.OperationFailedException: org.springframework.ldap.UncategorizedLdapException: Unable to find the groupname of the principal.
  2. 0

    Steps to reproduce: 1. Create base case of Confluence (I used Confluence 3.5.1, but I'm confident that this affects all current versions of 3.5.x+) 2. Create a record in LDAP-- LDIF attached to ticket (asdf.ldif) 3. User directory > Add this ldap as a read-only with local groups. Sync fails with this error: {code} 2011-07-05 11:58:00,635 INFO [QuartzScheduler_Worker-8] [atlassian.crowd.directory.DbCachingRemoteDirectoryCache] deleteCachedUsersNotIn scanned for deleted users in [ 1ms ] 2011-07-05 11:58:00,645 INFO [QuartzScheduler_Worker-8] [directory.ldap.util.DirectoryAttributeRetriever] getValueFromAttributes Unsafe or Blank attribute value for attribute <cn>: '^Zasdf'. 2011-07-05 11:58:00,646 FATAL [QuartzScheduler_Worker-8] [ldap.mapper.entity.LDAPGroupAttributesMapper] getGroupNameFromAttributes The following record does not have a groupname: {objectclass=objectClass: groupOfUniqueNames, top, uniquemember=uniquemember: cn=foobar,ou=people,o=sevenSeas, cn=cn: ^Zasdf} 2011-07-05 11:58:00,646 INFO [QuartzScheduler_Worker-8] [atlassian.crowd.directory.DbCachingRemoteDirectory] synchroniseCache synchronisation complete in [ 1039ms ] 2011-07-05 11:58:00,671 ERROR [QuartzScheduler_Worker-8] [atlassian.crowd.directory.DbCachingDirectoryPoller] pollChanges Error occurred while refreshing the cache for directory [ 327682 ]. com.atlassian.crowd.exception.OperationFailedException: org.springframework.ldap.UncategorizedLdapException: Unable to find the groupname of the principal. at com.atlassian.crowd.directory.SpringLDAPConnector.searchEntitiesWithRequestControls(SpringLDAPConnector.java:405) at com.atlassian.crowd.directory.SpringLDAPConnector.searchEntities(SpringLDAPConnector.java:370) at com.atlassian.crowd.directory.SpringLDAPConnector.searchGroupObjectsOfSpecifiedGroupType(SpringLDAPConnector.java:1094) at com.atlassian.crowd.directory.SpringLDAPConnector.searchGroupObjects(SpringLDAPConnector.java:1144) {code} The origin of this case traces back to korean characters in the cn of an Active Directory group reference.

    Atlassian JIRA | 5 years ago | Tim Wong [Atlassian]
    com.atlassian.crowd.exception.OperationFailedException: org.springframework.ldap.UncategorizedLdapException: Unable to find the groupname of the principal.
  3. 0

    h1. Symptoms An org.springframework.ldap.UncategorizedLdapException exception is thrown when testing searching users/groups while setting up a new ActiveDirectory connector. The exception is uncaught, therefore the user is shown a blank screen, and an stacktrace appears in the logs. h1. Steps to reproduce # Click on 'Add directory' # Select 'Connector' # Enter a name # Switch to the 2nd tab ('Connector') # Pick 'Microsoft Active Directory' # Enter a correct URL (e.g. ldap://crowd-ad1:389/), a correct base DN and correct credentials # Optionally, click on 'Test connection'. The test should pass. # Change to the 3rd tab ('Configuration'). # Click on 'Test search'. Expected result: an error message is displayed on the screen to inform the user. Actual result: blank screen, and stacktrace in the logs. h1. Stacktrace {code} 2013-01-29 17:10:31,412 http-8095-6 FATAL [springframework.ldap.control.AbstractRequestControlDirContextProcessor] No matching response control found for paged results - looking for 'class javax.naming.ldap.PagedResultsResponseControl 2013-01-29 17:10:31,412 http-8095-6 ERROR [console.action.directory.CreateDirectory] org.springframework.ldap.UncategorizedLdapException: Uncategorized exception occured during LDAP processing; nested exception is javax.naming.NamingException: [LDAP: error code 1 - 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece]; remaining name 'dc=sydney,dc=atlassian,dc=com' com.atlassian.crowd.exception.OperationFailedException: org.springframework.ldap.UncategorizedLdapException: Uncategorized exception occured during LDAP processing; nested exception is javax.naming.NamingException: [LDAP: error code 1 - 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece]; remaining name 'dc=sydney,dc=atlassian,dc=com' at com.atlassian.crowd.directory.SpringLDAPConnector.pageSearchResults(SpringLDAPConnector.java:385) at com.atlassian.crowd.directory.SpringLDAPConnector.searchEntitiesWithRequestControls(SpringLDAPConnector.java:418) at com.atlassian.crowd.directory.SpringLDAPConnector.searchEntities(SpringLDAPConnector.java:403) at com.atlassian.crowd.directory.SpringLDAPConnector.searchUserObjects(SpringLDAPConnector.java:592) at com.atlassian.crowd.directory.SpringLDAPConnector.searchUsers(SpringLDAPConnector.java:958) at com.atlassian.crowd.console.action.directory.LDAPConfigurationTester$Strategy$1.search(LDAPConfigurationTester.java:29) at com.atlassian.crowd.console.action.directory.LDAPConfigurationTesterImpl.canFindLdapObjects(LDAPConfigurationTesterImpl.java:27) at com.atlassian.crowd.console.action.directory.CreateConnector.doTestSearch(CreateConnector.java:238) at com.atlassian.crowd.console.action.directory.CreateConnector.doTestPrincipalSearch(CreateConnector.java:220) ... Caused by: org.springframework.ldap.UncategorizedLdapException: Uncategorized exception occured during LDAP processing; nested exception is javax.naming.NamingException: [LDAP: error code 1 - 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece]; remaining name 'dc=sydney,dc=atlassian,dc=com' at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:217) at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:319) at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:237) at com.atlassian.crowd.directory.ldap.LdapTemplateWithClassLoaderWrapper$4.call(LdapTemplateWithClassLoaderWrapper.java:92) at com.atlassian.crowd.directory.ldap.LdapTemplateWithClassLoaderWrapper$4.call(LdapTemplateWithClassLoaderWrapper.java:89) at com.atlassian.crowd.directory.ldap.LdapTemplateWithClassLoaderWrapper.invokeWithContextClassLoader(LdapTemplateWithClassLoaderWrapper.java:47) at com.atlassian.crowd.directory.ldap.LdapTemplateWithClassLoaderWrapper.search(LdapTemplateWithClassLoaderWrapper.java:89) at com.atlassian.crowd.directory.SpringLDAPConnector.pageSearchResults(SpringLDAPConnector.java:352) ... 134 more Caused by: javax.naming.NamingException: [LDAP: error code 1 - 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece]; remaining name 'dc=sydney,dc=atlassian,dc=com' at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3127) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3033) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2840) at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1849) at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1772) at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:386) at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:356) at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:276) at sun.reflect.GeneratedMethodAccessor342.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:601) at org.springframework.ldap.transaction.compensating.manager.TransactionAwareDirContextInvocationHandler.invoke(TransactionAwareDirContextInvocationHandler.java:92) at $Proxy146.search(Unknown Source) at org.springframework.ldap.core.LdapTemplate$3.executeSearch(LdapTemplate.java:231) at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:293) {code}

    Atlassian JIRA | 4 years ago | Diego Berrueta Munoz
    com.atlassian.crowd.exception.OperationFailedException: org.springframework.ldap.UncategorizedLdapException: Uncategorized exception occured during LDAP processing; nested exception is javax.naming.NamingException: [LDAP: error code 1 - 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece]; remaining name 'dc=sydney,dc=atlassian,dc=com'
  4. Speed up your debug routine!

    Automated exception search integrated into your IDE

  5. 0

    h1. Symptoms An org.springframework.ldap.UncategorizedLdapException exception is thrown when testing searching users/groups while setting up a new ActiveDirectory connector. The exception is uncaught, therefore the user is shown a blank screen, and an stacktrace appears in the logs. h1. Steps to reproduce # Click on 'Add directory' # Select 'Connector' # Enter a name # Switch to the 2nd tab ('Connector') # Pick 'Microsoft Active Directory' # Enter a correct URL (e.g. ldap://crowd-ad1:389/), a correct base DN and correct credentials # Optionally, click on 'Test connection'. The test should pass. # Change to the 3rd tab ('Configuration'). # Click on 'Test search'. Expected result: an error message is displayed on the screen to inform the user. Actual result: blank screen, and stacktrace in the logs. h1. Stacktrace {code} 2013-01-29 17:10:31,412 http-8095-6 FATAL [springframework.ldap.control.AbstractRequestControlDirContextProcessor] No matching response control found for paged results - looking for 'class javax.naming.ldap.PagedResultsResponseControl 2013-01-29 17:10:31,412 http-8095-6 ERROR [console.action.directory.CreateDirectory] org.springframework.ldap.UncategorizedLdapException: Uncategorized exception occured during LDAP processing; nested exception is javax.naming.NamingException: [LDAP: error code 1 - 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece]; remaining name 'dc=sydney,dc=atlassian,dc=com' com.atlassian.crowd.exception.OperationFailedException: org.springframework.ldap.UncategorizedLdapException: Uncategorized exception occured during LDAP processing; nested exception is javax.naming.NamingException: [LDAP: error code 1 - 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece]; remaining name 'dc=sydney,dc=atlassian,dc=com' at com.atlassian.crowd.directory.SpringLDAPConnector.pageSearchResults(SpringLDAPConnector.java:385) at com.atlassian.crowd.directory.SpringLDAPConnector.searchEntitiesWithRequestControls(SpringLDAPConnector.java:418) at com.atlassian.crowd.directory.SpringLDAPConnector.searchEntities(SpringLDAPConnector.java:403) at com.atlassian.crowd.directory.SpringLDAPConnector.searchUserObjects(SpringLDAPConnector.java:592) at com.atlassian.crowd.directory.SpringLDAPConnector.searchUsers(SpringLDAPConnector.java:958) at com.atlassian.crowd.console.action.directory.LDAPConfigurationTester$Strategy$1.search(LDAPConfigurationTester.java:29) at com.atlassian.crowd.console.action.directory.LDAPConfigurationTesterImpl.canFindLdapObjects(LDAPConfigurationTesterImpl.java:27) at com.atlassian.crowd.console.action.directory.CreateConnector.doTestSearch(CreateConnector.java:238) at com.atlassian.crowd.console.action.directory.CreateConnector.doTestPrincipalSearch(CreateConnector.java:220) ... Caused by: org.springframework.ldap.UncategorizedLdapException: Uncategorized exception occured during LDAP processing; nested exception is javax.naming.NamingException: [LDAP: error code 1 - 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece]; remaining name 'dc=sydney,dc=atlassian,dc=com' at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:217) at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:319) at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:237) at com.atlassian.crowd.directory.ldap.LdapTemplateWithClassLoaderWrapper$4.call(LdapTemplateWithClassLoaderWrapper.java:92) at com.atlassian.crowd.directory.ldap.LdapTemplateWithClassLoaderWrapper$4.call(LdapTemplateWithClassLoaderWrapper.java:89) at com.atlassian.crowd.directory.ldap.LdapTemplateWithClassLoaderWrapper.invokeWithContextClassLoader(LdapTemplateWithClassLoaderWrapper.java:47) at com.atlassian.crowd.directory.ldap.LdapTemplateWithClassLoaderWrapper.search(LdapTemplateWithClassLoaderWrapper.java:89) at com.atlassian.crowd.directory.SpringLDAPConnector.pageSearchResults(SpringLDAPConnector.java:352) ... 134 more Caused by: javax.naming.NamingException: [LDAP: error code 1 - 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece]; remaining name 'dc=sydney,dc=atlassian,dc=com' at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3127) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3033) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2840) at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1849) at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1772) at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:386) at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:356) at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:276) at sun.reflect.GeneratedMethodAccessor342.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:601) at org.springframework.ldap.transaction.compensating.manager.TransactionAwareDirContextInvocationHandler.invoke(TransactionAwareDirContextInvocationHandler.java:92) at $Proxy146.search(Unknown Source) at org.springframework.ldap.core.LdapTemplate$3.executeSearch(LdapTemplate.java:231) at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:293) {code}

    Atlassian JIRA | 4 years ago | Diego Berrueta
    com.atlassian.crowd.exception.OperationFailedException: org.springframework.ldap.UncategorizedLdapException: Uncategorized exception occured during LDAP processing; nested exception is javax.naming.NamingException: [LDAP: error code 1 - 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece]; remaining name 'dc=sydney,dc=atlassian,dc=com'
  6. 0

    In previous versions of Stash the LDAP synchronization time display automatically refreshed, but in this current version the synchronization time does not update. This is only a minor inconvenience, but our ldap sync sometimes takes 300-400 second and it would be better to watch the time update without manually refreshing. This is caused by the JavaScript failing to find the {{"synchronisation-started"}} template

    Atlassian JIRA | 2 years ago | Jen Connor
    com.atlassian.crowd.exception.OperationFailedException: org.springframework.ldap.AuthenticationNotSupportedException: [LDAP: error code 8 - 00002028: LdapErr: DSID-0C0901FC, comment: The server requires binds to turn on integrity checking if SSL\TLS are not already active on the connection, data 0, v1db1^@]; nested exception is javax.naming.AuthenticationNotSupportedException: [LDAP: error code 8 - 00002028: LdapErr: DSID-0C0901FC, comment: The server requires binds to turn on integrity checking if SSL\TLS are not already active on the connection, data 0, v1db1^@]

    Not finding the right solution?
    Take a tour to get the most out of Samebug.

    Tired of useless tips?

    Automated exception search integrated into your IDE

    Root Cause Analysis

    1. com.atlassian.crowd.exception.OperationFailedException

      org.springframework.ldap.UncategorizedLdapException: Unable to find the groupname of the principal.

      at com.atlassian.crowd.directory.SpringLDAPConnector.searchEntitiesWithRequestControls()
    2. com.atlassian.crowd
      SpringLDAPConnector.searchGroupObjects
      1. com.atlassian.crowd.directory.SpringLDAPConnector.searchEntitiesWithRequestControls(SpringLDAPConnector.java:405)
      2. com.atlassian.crowd.directory.SpringLDAPConnector.searchEntities(SpringLDAPConnector.java:370)
      3. com.atlassian.crowd.directory.SpringLDAPConnector.searchGroupObjectsOfSpecifiedGroupType(SpringLDAPConnector.java:1094)
      4. com.atlassian.crowd.directory.SpringLDAPConnector.searchGroupObjects(SpringLDAPConnector.java:1144)
      4 frames