09-19-2023 06:21 AM
Hello ,
i have some problem with sync LDAP .
Alfresco start to sync but failed.
2023-09-19 10:07:50,044 INFO [management.subsystems.ChildApplicationContextFactory] [http-nio-8080-exec-5] Startup of 'Search' subsystem, ID: [Search, managed, solr6] complete 2023-09-19T10:08:54.730817023Z 2023-09-19 10:08:54,730 INFO [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronizing users and groups with user registry 'ldap1-ad' 2023-09-19T10:08:54.730856122Z 2023-09-19 10:08:54,730 WARN [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Some users and groups previously created by synchronization with this user registry may be removed. 2023-09-19T10:08:54.778505718Z 2023-09-19 10:08:54,778 INFO [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Retrieving all groups from user registry 'ldap1-ad' 2023-09-19T10:10:55.310029421Z 2023-09-19 10:10:55,309 WARN [sync.ldap.LDAPUserRegistry] [DefaultScheduler_Worker-3] Failed to resolve member of group 'zzzzRecettes-iTop' with distinguished name: CN=Thomas FERRAZ - Teamwork,OU=ou_Contacts_Externe,OU=ZAdminAlptis,DC=alptis,DC=local 2023-09-19T10:11:12.602004506Z 2023-09-19 10:11:12,601 INFO [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization,Category=directory,id1=ldap1-ad,id2=1 Group Analysis: Commencing batch of 1447 entries 2023-09-19T10:11:13.054824493Z 2023-09-19 10:11:13,054 INFO [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization,Category=directory,id1=ldap1-ad,id2=1 Group Analysis: Processed 100 entries out of 1447. 7% complete. Rate: 220 per second. 0 failures detected. 2023-09-19T10:11:13.447487759Z 2023-09-19 10:11:13,447 INFO [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization,Category=directory,id1=ldap1-ad,id2=1 Group Analysis: Processed 200 entries out of 1447. 14% complete. Rate: 236 per second. 0 failures detected. 2023-09-19T10:11:13.812573178Z 2023-09-19 10:11:13,812 INFO [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization,Category=directory,id1=ldap1-ad,id2=1 Group Analysis: Processed 300 entries out of 1447. 21% complete. Rate: 247 per second. 0 failures detected. 2023-09-19T10:11:14.201224373Z 2023-09-19 10:11:14,200 INFO [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization,Category=directory,id1=ldap1-ad,id2=1 Group Analysis: Processed 400 entries out of 1447. 28% complete. Rate: 250 per second. 0 failures detected. 2023-09-19T10:11:14.556970721Z 2023-09-19 10:11:14,556 INFO [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization,Category=directory,id1=ldap1-ad,id2=1 Group Analysis: Processed 500 entries out of 1447. 35% complete. Rate: 255 per second. 0 failures detected. 2023-09-19T10:11:15.012058635Z 2023-09-19 10:11:15,011 INFO [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization,Category=directory,id1=ldap1-ad,id2=1 Group Analysis: Processed 600 entries out of 1447. 41% complete. Rate: 248 per second. 0 failures detected. 2023-09-19T10:11:15.443136710Z 2023-09-19 10:11:15,442 INFO [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization,Category=directory,id1=ldap1-ad,id2=1 Group Analysis: Processed 700 entries out of 1447. 48% complete. Rate: 246 per second. 0 failures detected. 2023-09-19T10:11:16.302546563Z 2023-09-19 10:11:16,302 INFO [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization,Category=directory,id1=ldap1-ad,id2=1 Group Analysis: Processed 800 entries out of 1447. 55% complete. Rate: 216 per second. 0 failures detected. 2023-09-19T10:11:16.699533387Z 2023-09-19 10:11:16,699 INFO [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization,Category=directory,id1=ldap1-ad,id2=1 Group Analysis: Processed 900 entries out of 1447. 62% complete. Rate: 219 per second. 0 failures detected. 2023-09-19T10:11:17.032435260Z 2023-09-19 10:11:17,032 INFO [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization,Category=directory,id1=ldap1-ad,id2=1 Group Analysis: Processed 1000 entries out of 1447. 69% complete. Rate: 225 per second. 0 failures detected. 2023-09-19T10:11:17.287481586Z 2023-09-19 10:11:17,287 INFO [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization,Category=directory,id1=ldap1-ad,id2=1 Group Analysis: Processed 1100 entries out of 1447. 76% complete. Rate: 234 per second. 0 failures detected. 2023-09-19T10:11:17.764118244Z 2023-09-19 10:11:17,763 INFO [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization,Category=directory,id1=ldap1-ad,id2=1 Group Analysis: Processed 1200 entries out of 1447. 83% complete. Rate: 232 per second. 0 failures detected. 2023-09-19T10:11:18.089037550Z 2023-09-19 10:11:18,088 INFO [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization,Category=directory,id1=ldap1-ad,id2=1 Group Analysis: Processed 1300 entries out of 1447. 90% complete. Rate: 236 per second. 0 failures detected. 2023-09-19T10:11:18.427441426Z 2023-09-19 10:11:18,427 INFO [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization,Category=directory,id1=ldap1-ad,id2=1 Group Analysis: Processed 1400 entries out of 1447. 97% complete. Rate: 240 per second. 0 failures detected. 2023-09-19T10:11:18.541540425Z 2023-09-19 10:11:18,541 INFO [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization,Category=directory,id1=ldap1-ad,id2=1 Group Analysis: Processed 1447 entries out of 1447. 100% complete. Rate: 243 per second. 0 failures detected. 2023-09-19T10:11:18.541569975Z 2023-09-19 10:11:18,541 INFO [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization,Category=directory,id1=ldap1-ad,id2=1 Group Analysis: Completed batch of 1447 entries 2023-09-19T10:12:22.784214830Z 2023-09-19 10:12:22,781 ERROR [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization aborted due to error 2023-09-19T10:12:22.784275750Z org.alfresco.error.AlfrescoRuntimeException: 08190033 Error during LDAP Search. Reason:null 2023-09-19T10:12:22.784284995Z at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.processQuery(LDAPUserRegistry.java:1346) 2023-09-19T10:12:22.784289365Z at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.getPersonNames(LDAPUserRegistry.java:584) 2023-09-19T10:12:22.784305878Z at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer$1Analyzer.processGroups(ChainingUserRegistrySynchronizer.java:1500) 2023-09-19T10:12:22.784308809Z at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer$1Analyzer.access$5(ChainingUserRegistrySynchronizer.java:1465) 2023-09-19T10:12:22.784311069Z at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.syncWithPlugin(ChainingUserRegistrySynchronizer.java:1751) 2023-09-19T10:12:22.784313185Z at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.synchronizeInternal(ChainingUserRegistrySynchronizer.java:739) 2023-09-19T10:12:22.784315512Z at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.synchronize(ChainingUserRegistrySynchronizer.java:471) 2023-09-19T10:12:22.784317797Z at org.alfresco.repo.security.sync.UserRegistrySynchronizerJob$1.doWork(UserRegistrySynchronizerJob.java:53) 2023-09-19T10:12:22.784319884Z at org.alfresco.repo.security.authentication.AuthenticationUtil.runAs(AuthenticationUtil.java:602) 2023-09-19T10:12:22.784322799Z at org.alfresco.repo.security.sync.UserRegistrySynchronizerJob.execute(UserRegistrySynchronizerJob.java:49) 2023-09-19T10:12:22.784324851Z at org.quartz.core.JobRunShell.run(JobRunShell.java:202) 2023-09-19T10:12:22.784326847Z at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:573) 2023-09-19T10:12:22.784328797Z Caused by: javax.naming.PartialResultException [Root exception is javax.naming.CommunicationException: entreprise.local:389 [Root exception is java.net.ConnectException: Connection refused (Connection refused)]] 2023-09-19T10:12:22.784330938Z at java.naming/com.sun.jndi.ldap.AbstractLdapNamingEnumeration.hasMoreImpl(AbstractLdapNamingEnumeration.java:237) 2023-09-19T10:12:22.784332951Z at java.naming/com.sun.jndi.ldap.AbstractLdapNamingEnumeration.hasMore(AbstractLdapNamingEnumeration.java:189) 2023-09-19T10:12:22.784336844Z at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.processQuery(LDAPUserRegistry.java:1327) 2023-09-19T10:12:22.784339010Z ... 11 more 2023-09-19T10:12:22.784340948Z Caused by: javax.naming.CommunicationException: entreprise.local:389 [Root exception is java.net.ConnectException: Connection refused (Connection refused)] 2023-09-19T10:12:22.784343007Z at java.naming/com.sun.jndi.ldap.LdapReferralContext.<init>(LdapReferralContext.java:96) 2023-09-19T10:12:22.784345094Z at java.naming/com.sun.jndi.ldap.LdapReferralException.getReferralContext(LdapReferralException.java:151) 2023-09-19T10:12:22.784347055Z at java.naming/com.sun.jndi.ldap.AbstractLdapNamingEnumeration.hasMoreReferrals(AbstractLdapNamingEnumeration.java:325) 2023-09-19T10:12:22.784371734Z at java.naming/com.sun.jndi.ldap.AbstractLdapNamingEnumeration.hasMoreImpl(AbstractLdapNamingEnumeration.java:227) 2023-09-19T10:12:22.784376002Z ... 13 more 2023-09-19T10:12:22.784378183Z Caused by: java.net.ConnectException: Connection refused (Connection refused) 2023-09-19T10:12:22.784380279Z at java.base/java.net.PlainSocketImpl.socketConnect(Native Method) 2023-09-19T10:12:22.784386579Z at java.base/java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:399) 2023-09-19T10:12:22.784388849Z at java.base/java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:242) 2023-09-19T10:12:22.784390820Z at java.base/java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:224) 2023-09-19T10:12:22.784392825Z at java.base/java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) 2023-09-19T10:12:22.784394772Z at java.base/java.net.Socket.connect(Socket.java:609) 2023-09-19T10:12:22.784396660Z at java.base/java.net.Socket.connect(Socket.java:558) 2023-09-19T10:12:22.784398447Z at java.base/java.net.Socket.<init>(Socket.java:454) 2023-09-19T10:12:22.784400499Z at java.base/java.net.Socket.<init>(Socket.java:231) 2023-09-19T10:12:22.784402403Z at java.naming/com.sun.jndi.ldap.Connection.createSocket(Connection.java:345) 2023-09-19T10:12:22.784404310Z at java.naming/com.sun.jndi.ldap.Connection.<init>(Connection.java:231) 2023-09-19T10:12:22.784442419Z at java.naming/com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:137) 2023-09-19T10:12:22.784460807Z at java.naming/com.sun.jndi.ldap.LdapClientFactory.createPooledConnection(LdapClientFactory.java:64) 2023-09-19T10:12:22.784475214Z at java.naming/com.sun.jndi.ldap.pool.Connections.<init>(Connections.java:114) 2023-09-19T10:12:22.784484519Z at java.naming/com.sun.jndi.ldap.pool.Pool.getPooledConnection(Pool.java:136) 2023-09-19T10:12:22.784493686Z at java.naming/com.sun.jndi.ldap.LdapPoolManager.getLdapClient(LdapPoolManager.java:340) 2023-09-19T10:12:22.784620914Z at java.naming/com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1608) 2023-09-19T10:12:22.784662831Z at java.naming/com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2847) 2023-09-19T10:12:22.784684381Z at java.naming/com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:348) 2023-09-19T10:12:22.784702073Z at java.naming/com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxFromUrl(LdapCtxFactory.java:262) 2023-09-19T10:12:22.784732662Z at java.naming/com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:226) 2023-09-19T10:12:22.784745989Z at java.naming/com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:183) 2023-09-19T10:12:22.784780532Z at java.naming/com.sun.jndi.url.ldap.ldapURLContextFactory.getObjectInstance(ldapURLContextFactory.java:52) 2023-09-19T10:12:22.784806426Z at java.naming/javax.naming.spi.NamingManager.getURLObject(NamingManager.java:624) 2023-09-19T10:12:22.784831167Z at java.naming/javax.naming.spi.NamingManager.processURL(NamingManager.java:401) 2023-09-19T10:12:22.784879106Z at java.naming/javax.naming.spi.NamingManager.processURLAddrs(NamingManager.java:381) 2023-09-19T10:12:22.784916477Z at java.naming/javax.naming.spi.NamingManager.getObjectInstance(NamingManager.java:353) 2023-09-19T10:12:22.785048548Z at java.naming/com.sun.jndi.ldap.LdapReferralContext.<init>(LdapReferralContext.java:119) 2023-09-19T10:12:22.785072289Z ... 16 more 2023-09-19T10:12:22.806742581Z 2023-09-19 10:12:22,806 ERROR [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization aborted due to error 2023-09-19T10:12:22.806775031Z org.alfresco.error.AlfrescoRuntimeException: 08190033 Error during LDAP Search. Reason:null 2023-09-19T10:12:22.806778632Z at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.processQuery(LDAPUserRegistry.java:1346) 2023-09-19T10:12:22.806781025Z at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.getPersonNames(LDAPUserRegistry.java:584) 2023-09-19T10:12:22.806783194Z at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer$1Analyzer.processGroups(ChainingUserRegistrySynchronizer.java:1500)
.... 2023-09-19T10:12:22.814202259Z at java.naming/javax.naming.spi.NamingManager.getObjectInstance(NamingManager.java:353) 2023-09-19T10:12:22.814244642Z at java.naming/com.sun.jndi.ldap.LdapReferralContext.<init>(LdapReferralContext.java:119) 2023-09-19T10:12:22.814275667Z ... 16 more Caused by: javax.naming.CommunicationException: entreprise.local:389 [Root exception is java.net.ConnectException: Connection refused (Connection refused)] 2023-09-19T10:12:22.806817166Z at java.naming/com.sun.jndi.ldap.LdapReferralContext.<init>(LdapReferralContext.java:96)
Log alfresco try to connect to entreprise.local:389 but real url set is ldap://masterad.infra.entreprise.local:389
but have this error :
2023-09-19T10:12:22.784214830Z 2023-09-19 10:12:22,781 ERROR [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization aborted due to error
2023-09-19T10:12:22.784275750Z org.alfresco.error.AlfrescoRuntimeException: 08190033 Error during LDAP Search. Reason:null
someone can help me ?
thx a lot
09-19-2023 09:40 AM
Connection refused
Check the connection and authantication first. Look into LDAP server logs too.
It you want to get help here, please add you LDAP configuration.
09-19-2023 10:41 AM
Alfresco start to sync users + groups and crash.
# désactivation de la création automatique de personne
# sinon une personne connue de kerberos mais pas de la synchro serai quand même créée
synchronization.autoCreatePeopleOnLogin=false
# permet d'activer/déactiver la synchronisation LDAP au démarrage de la ged
synchronization.syncOnStartup=false
synchronization.synchronizeChangesOnly=true
# Authentification LDAP
ldap.authentication.active=false
ldap.authentication.allowGuestLogin=false
# Formatage du nom d?utilisateur Alptis
ldap.authentication.userNameFormat=%s@alptis.local
# URL d?accès au LDAP
ldap.authentication.java.naming.provider.url=ldap://masterad.infra.entreprise.local:389
# LDAP Principal utilisé pour la connexion au LDAP
ldap.synchronization.java.naming.security.principal=alfresco_adm@entreprise.local
ldap.synchronization.java.naming.security.credentials=********
# Attribut permettant de déclencher la synchronisation différentielle
ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp
# Requêtes LDAP permettant de définir la liste des groupes LDAP à synchroniser & requêtes différentielles & complètes
ldap.synchronization.groupSearchBase=ou=uo_groupes_globaux, ou=ZAdminAlptis, dc=alptis, dc=local
ldap.synchronization.groupQuery=(objectclass\=group)
ldap.synchronization.groupDifferentialQuery=(&(objectclass\=group)(!(modifyTimestamp<\={0})))
# Requêtes LDAP permettant de définir la liste des utilisateurs LDAP à synchroniser & requêtes différentielles & complètes
ldap.synchronization.userSearchBase=dc=alptis, dc=local
ldap.synchronization.personQuery=(&(objectClass=user)(objectCategory=person)(l=*)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
ldap.synchronization.personDifferentialQuery=(&(objectClass=user)(objectCategory=person)(l=*)(!(userAccountControl:1.2.840.113556.1.4.803:=2))(!(modifyTimestamp<\={0})))
09-19-2023 09:53 AM
If you suspect the wrong host, check your ldap.authentication.java.naming.provider.url propertie. You can do it, for example, with OOTBee Support Tools in the https://your-domain.com/alfresco/s/ootbee/admin/system-information.
Explore our Alfresco products with the links below. Use labels to filter content by product module.