javax.naming.InvalidNameException: [LDAP: error code 34 - Incorrect DN given : admin@dc=example,dc=com (0x73 0x79 0x73 0x61 0x64 0x6D 0x69 0x6E 0x40 0x64 0x63 0x3D 0x70 0x75 0x70 0x70 0x75 0x74 0x2C 0x64 0x63 0x3D 0x63 0x6F 0x6D ) is invalid]

Stack Overflow | FoufaFaFa | 3 months ago
  1. 0

    LDAP: error code 34 - Incorrect DN given

    Stack Overflow | 3 months ago | FoufaFaFa
    javax.naming.InvalidNameException: [LDAP: error code 34 - Incorrect DN given : admin@dc=example,dc=com (0x73 0x79 0x73 0x61 0x64 0x6D 0x69 0x6E 0x40 0x64 0x63 0x3D 0x70 0x75 0x70 0x70 0x75 0x74 0x2C 0x64 0x63 0x3D 0x63 0x6F 0x6D ) is invalid]
  2. 0

    Authentication for a LDAP user with a '/' in CN fails with a similar exception: {noformat} performing search: (CN=another/one) on dc=atlassian,dc=com (authenticated) LDAP: Initial connect and search successful, but authenticating user as '"cn=another/one,ou=users",dc=atlassian,dc=com' failed. javax.naming.InvalidNameException - [LDAP: error code 34 - Incorrect DN given : "cn=another/one,ou=users",dc=atlassian,dc=com (0x22 0x63 0x6E 0x3D 0x61 0x6E 0x6F 0x74 0x68 0x65 0x72 0x2F 0x6F 0x6E 0x65 0x2C 0x6F 0x75 0x3D 0x75 0x73 0x65 0x72 0x73 0x22 0x2C 0x64 0x63 0x3D 0x61 0x74 0x6C 0x61 0x73 0x73 0x69 0x61 0x6E 0x2C 0x64 0x63 0x3D 0x63 0x6F 0x6D ) is invalid] LDAP password check for another/one in 7ms {noformat} where cn='another/one' Logs: {quote} 12:37:18 ERROR - LDAP: Initial connect and search successful, but authenticating user as '"cn=another/one,ou=users",dc=atlassian,dc=com' failed. javax.naming.InvalidNameException: [LDAP: error code 34 - Incorrect DN given : "cn=another/one,ou=users",dc=atlassian,dc=com (0x22 0x63 0x6E 0x3D 0x61 0x6E 0x6F 0x74 0x68 0x65 0x72 0x2F 0x6F 0x6E 0x65 0x2C 0x6F 0x75 0x3D 0x75 0x73 0x65 0x72 0x73 0x22 0x2C 0x64 0x63 0x3D 0x61 0x74 0x6C 0x61 0x73 0x73 0x69 0x61 0x6E 0x2C 0x64 0x63 0x3D 0x63 0x6F 0x6D ) is invalid] at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2926) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2732) at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2646) at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:283) at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175) at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193) at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136) at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66) at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667) at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:247) at javax.naming.InitialContext.init(InitialContext.java:223) at javax.naming.InitialContext.<init>(InitialContext.java:197) at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:82) {quote}

    Atlassian JIRA | 6 years ago | Piotr Swiecicki [Atlassian]
    javax.naming.InvalidNameException: [LDAP: error code 34 - Incorrect DN given : "cn=another/one,ou=users",dc=atlassian,dc=com (0x22 0x63 0x6E 0x3D 0x61 0x6E 0x6F 0x74 0x68 0x65 0x72 0x2F 0x6F 0x6E 0x65 0x2C 0x6F 0x75 0x3D 0x75 0x73 0x65 0x72 0x73 0x22 0x2C 0x64 0x63 0x3D 0x61 0x74 0x6C 0x61 0x73 0x73 0x69 0x61 0x6E 0x2C 0x64 0x63 0x3D 0x63 0x6F 0x6D ) is invalid]
  3. 0

    Authentication for a LDAP user with a '/' in CN fails with a similar exception: {noformat} performing search: (CN=another/one) on dc=atlassian,dc=com (authenticated) LDAP: Initial connect and search successful, but authenticating user as '"cn=another/one,ou=users",dc=atlassian,dc=com' failed. javax.naming.InvalidNameException - [LDAP: error code 34 - Incorrect DN given : "cn=another/one,ou=users",dc=atlassian,dc=com (0x22 0x63 0x6E 0x3D 0x61 0x6E 0x6F 0x74 0x68 0x65 0x72 0x2F 0x6F 0x6E 0x65 0x2C 0x6F 0x75 0x3D 0x75 0x73 0x65 0x72 0x73 0x22 0x2C 0x64 0x63 0x3D 0x61 0x74 0x6C 0x61 0x73 0x73 0x69 0x61 0x6E 0x2C 0x64 0x63 0x3D 0x63 0x6F 0x6D ) is invalid] LDAP password check for another/one in 7ms {noformat} where cn='another/one' Logs: {quote} 12:37:18 ERROR - LDAP: Initial connect and search successful, but authenticating user as '"cn=another/one,ou=users",dc=atlassian,dc=com' failed. javax.naming.InvalidNameException: [LDAP: error code 34 - Incorrect DN given : "cn=another/one,ou=users",dc=atlassian,dc=com (0x22 0x63 0x6E 0x3D 0x61 0x6E 0x6F 0x74 0x68 0x65 0x72 0x2F 0x6F 0x6E 0x65 0x2C 0x6F 0x75 0x3D 0x75 0x73 0x65 0x72 0x73 0x22 0x2C 0x64 0x63 0x3D 0x61 0x74 0x6C 0x61 0x73 0x73 0x69 0x61 0x6E 0x2C 0x64 0x63 0x3D 0x63 0x6F 0x6D ) is invalid] at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2926) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2732) at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2646) at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:283) at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175) at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193) at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136) at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66) at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667) at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:247) at javax.naming.InitialContext.init(InitialContext.java:223) at javax.naming.InitialContext.<init>(InitialContext.java:197) at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:82) {quote}

    Atlassian JIRA | 6 years ago | Piotr Swiecicki [Atlassian]
    javax.naming.InvalidNameException: [LDAP: error code 34 - Incorrect DN given : "cn=another/one,ou=users",dc=atlassian,dc=com (0x22 0x63 0x6E 0x3D 0x61 0x6E 0x6F 0x74 0x68 0x65 0x72 0x2F 0x6F 0x6E 0x65 0x2C 0x6F 0x75 0x3D 0x75 0x73 0x65 0x72 0x73 0x22 0x2C 0x64 0x63 0x3D 0x61 0x74 0x6C 0x61 0x73 0x73 0x69 0x61 0x6E 0x2C 0x64 0x63 0x3D 0x63 0x6F 0x6D ) is invalid]
  4. Speed up your debug routine!

    Automated exception search integrated into your IDE

  5. 0

    [JENKINS-12907] Active Directory/LDAP group with special characters causes authentication/retrieveUser to fail - Jenkins JIRA

    jenkins-ci.org | 1 year ago
    javax.naming.InvalidNameException: "CN=test\,+\"\\\<\>\;\=/role,OU=Groups,DC=Example,DC=com": [LDAP: error code 34 - 0000208F: LdapErr: DSID-0C090709, comment: Error processing name, data 0, v1db0] ; remaining name '"CN=test\,+\"\\\<\>\;\=/role,OU=Groups,DC=Example,DC=com"'
  6. 0

    h2. Steps to reproduce # In Active Directory, create a group with two trailing spaces in the CN. E.g.: "examplegroup " with two trailing spaces. # The FQDN should read something like: "cn=examplegroup \ ,ou=groups,dc=example,dc=com" # Hook up Crowd 2.8 to this AD using a Connector # Trigger a sync h2. Expected behavior Sync completes, the AD group is pulled into Crowd with two trailing spaces h2. Actual behavior Sync fails due to an LDAP error code 34. Full stracktrace: {code} 2015-03-02 13:57:44,274 scheduler_Worker-10 ERROR [atlassian.crowd.directory.DbCachingDirectoryPoller] Error occurred while refreshing the cache for directory [ 32770 ]. org.springframework.ldap.InvalidNameException: cn=examplegroup\ \ ,ou=groups,dc=example,dc=com: [LDAP: error code 34 - 0000208F: LdapErr: DSID-0C090654, comment: Error processing name, data 0, vece]; nested exception is javax.naming.InvalidNameException: cn=examplegroup\ \ ,ou=groups,dc=example,dc=com: [LDAP: error code 34 - 0000208F: LdapErr: DSID-0C090654, comment: Error processing name, data 0, vece]; remaining name 'cn=examplegroup\ \ ,ou=groups,dc=example,dc=com' at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:136) at org.springframework.ldap.core.LdapTemplate.executeWithContext(LdapTemplate.java:820) at org.springframework.ldap.core.LdapTemplate.executeReadOnly(LdapTemplate.java:803) at org.springframework.ldap.core.LdapTemplate.lookup(LdapTemplate.java:935) at com.atlassian.crowd.directory.ldap.SpringLdapTemplateWrapper$9.timedCall(SpringLdapTemplateWrapper.java:286) at com.atlassian.crowd.directory.ldap.SpringLdapTemplateWrapper$TimedCallable.call(SpringLdapTemplateWrapper.java:124) at com.atlassian.crowd.directory.ldap.SpringLdapTemplateWrapper.invokeWithContextClassLoader(SpringLdapTemplateWrapper.java:87) at com.atlassian.crowd.directory.ldap.SpringLdapTemplateWrapper.lookup(SpringLdapTemplateWrapper.java:282) at com.atlassian.crowd.directory.RFC4519Directory.findDirectMembersOfGroup(RFC4519Directory.java:959) at com.atlassian.crowd.directory.MicrosoftActiveDirectory.findDirectMembersOfGroup(MicrosoftActiveDirectory.java:516) at com.atlassian.crowd.directory.RFC4519DirectoryMembershipsIterable$2.apply(RFC4519DirectoryMembershipsIterable.java:78) at com.atlassian.crowd.directory.RFC4519DirectoryMembershipsIterable$2.apply(RFC4519DirectoryMembershipsIterable.java:70) at com.google.common.collect.Iterators$8.next(Iterators.java:812) at com.atlassian.crowd.directory.ldap.cache.AbstractCacheRefresher.synchroniseMemberships(AbstractCacheRefresher.java:128) at com.atlassian.crowd.directory.ldap.cache.AbstractCacheRefresher.synchroniseAll(AbstractCacheRefresher.java:84) at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher.synchroniseAll(UsnChangedCacheRefresher.java:161) at com.atlassian.crowd.directory.DbCachingRemoteDirectory.synchroniseCache(DbCachingRemoteDirectory.java:1120) at com.atlassian.crowd.manager.directory.DirectorySynchroniserImpl.synchronise(DirectorySynchroniserImpl.java:76) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150) at org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:96) at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:260) at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:94) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204) at com.sun.proxy.$Proxy37.synchronise(Unknown Source) at com.atlassian.crowd.directory.DbCachingDirectoryPoller.pollChanges(DbCachingDirectoryPoller.java:50) at com.atlassian.crowd.manager.directory.monitor.poller.DirectoryPollerJobRunner.runJob(DirectoryPollerJobRunner.java:93) at com.atlassian.scheduler.core.JobLauncher.runJob(JobLauncher.java:135) at com.atlassian.scheduler.core.JobLauncher.launchAndBuildResponse(JobLauncher.java:101) at com.atlassian.scheduler.core.JobLauncher.launch(JobLauncher.java:80) at com.atlassian.scheduler.quartz1.Quartz1Job.execute(Quartz1Job.java:32) at org.quartz.core.JobRunShell.run(JobRunShell.java:223) at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:549) Caused by: javax.naming.InvalidNameException: cn=examplegroup\ \ ,ou=groups,dc=example,dc=com: [LDAP: error code 34 - 0000208F: LdapErr: DSID-0C090654, comment: Error processing name, data 0, vece]; remaining name 'cn=examplegroup\ \ ,ou=groups,dc=example,dc=com' at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3025) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2840) at com.sun.jndi.ldap.LdapCtx.c_getAttributes(LdapCtx.java:1332) at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_getAttributes(ComponentDirContext.java:231) at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:139) at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:152) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at org.springframework.ldap.transaction.compensating.manager.TransactionAwareDirContextInvocationHandler.invoke(TransactionAwareDirContextInvocationHandler.java:90) at com.sun.proxy.$Proxy383.getAttributes(Unknown Source) at org.springframework.ldap.core.LdapTemplate$17.executeWithContext(LdapTemplate.java:937) at org.springframework.ldap.core.LdapTemplate.executeWithContext(LdapTemplate.java:817) ... 37 more {code} h2. Other notes May be an Active Directory-only issue. Was not able to reproducing using ApacheDS 1.5. Functionality-wise, this is the same issue in CWD-3823. That bug was originally closed with a fix version of Crowd 2.8 in anticipation that SpringLDAP 2.0 would have resolved this. h2. Workarounds * (Recommended) Removing the trailing spaces on the AD side * Use an LDAP search filter in Crowd to specifically exclude the problem groups

    Atlassian JIRA | 2 years ago | Robert Chang [Atlassian]
    org.springframework.ldap.InvalidNameException: cn=examplegroup\ \ ,ou=groups,dc=example,dc=com: [LDAP: error code 34 - 0000208F: LdapErr: DSID-0C090654, comment: Error processing name, data 0, vece]; nested exception is javax.naming.InvalidNameException: cn=examplegroup\ \ ,ou=groups,dc=example,dc=com: [LDAP: error code 34 - 0000208F: LdapErr: DSID-0C090654, comment: Error processing name, data 0, vece]; remaining name 'cn=examplegroup\ \ ,ou=groups,dc=example,dc=com'

    Not finding the right solution?
    Take a tour to get the most out of Samebug.

    Tired of useless tips?

    Automated exception search integrated into your IDE

    Root Cause Analysis

    1. javax.naming.InvalidNameException

      [LDAP: error code 34 - Incorrect DN given : admin@dc=example,dc=com (0x73 0x79 0x73 0x61 0x64 0x6D 0x69 0x6E 0x40 0x64 0x63 0x3D 0x70 0x75 0x70 0x70 0x75 0x74 0x2C 0x64 0x63 0x3D 0x63 0x6F 0x6D ) is invalid]

      at com.sun.jndi.ldap.LdapCtx.processReturnCode()
    2. Java RT
      LdapCtx.connect
      1. com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3076)
      2. com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2883)
      3. com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2797)
      3 frames