02-18-2022 07:08 AM
Hello Team I am getting belows errors while server startup, I have configured the ldap-ad,
My ldap properties
/opt/alfresco/tomcat/shared/classes/alfresco/extension/subsystems/Authentication/ldap-ad/ldap1/ldap-authentication.properties
### ldap authentication ###
authentication.chain=alfrescoNtlm1:alfrescoNtlm,ldap1:ldap-ad
ldap.authentication.active=true
ldap.authentication.allowGuestLogin=false
ldap.authentication.userNameFormat=%s@elesundc.local
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
ldap.authentication.java.naming.provider.url=ldap://X.X.X.X:389
ldap.authentication.java.naming.security.authentication=simple
ldap.authentication.escapeCommasInBind=false
ldap.authentication.escapeCommasInUid=false
ldap.authentication.defaultAdministratorUserNames=Administrator,Alfresco
ldap.synchronization.active=true
ldap.synchronization.java.naming.security.authentication=simple
ldap.synchronization.java.naming.security.principal=Alfresco@elesundc.local
ldap.synchronization.java.naming.security.credentials=XXXXX
ldap.synchronization.queryBatchSize=70000
ldap.synchronization.attributeBatchSize=70000
ldap.synchronization.groupQuery=(objectClass\=group)
#ldap.synchronization.groupDifferentialQuery=(&(objectClass\=group)(!(whenChanged<\={0})))
ldap.synchronization.groupDifferentialQuery=(&(objectClass\=group))
ldap.synchronization.personQuery=(&(|(objectClass\=user)(objectCategory\=CN\=Person,CN\=Schema,CN\=Configuration,DC\=elesundc,DC\=local))(userAccountControl\:1.2.840.113556.1.4.803\:\=512))
#ldap.synchronization.personDifferentialQuery=(&(|(objectClass\=user)(objectCategory\=CN\=Person,CN\=Schema,CN\=Configuration,DC\=elesundc,DC\=local))(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(!(whenChanged<\={0})))
ldap.synchronization.personDifferentialQuery=(&(|(objectClass\=user)(objectCategory\=CN\=Person,CN\=Schema,CN\=Configuration,DC\=elesundc,DC\=local))(userAccountControl\:1.2.840.113556.1.4.803\:\=512))
ldap.synchronization.groupSearchBase=dc\=elesundc
ldap.synchronization.userSearchBase=dc\=elesundc,dc\=local
ldap.synchronization.modifyTimestampAttributeName=whenChanged
ldap.synchronization.timestampFormat=yyyyMMddHHmmss'.0Z'
ldap.synchronization.userIdAttributeName=sAMAccountName
ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.userLastNameAttributeName=sn
ldap.synchronization.userEmailAttributeName=mail
ldap.synchronization.userOrganizationalIdAttributeName=company
ldap.synchronization.defaultHomeFolderProvider=largeHomeFolderProvider
ldap.synchronization.groupIdAttributeName=cn
ldap.synchronization.groupDisplayNameAttributeName=displayName
ldap.synchronization.groupType=group
ldap.synchronization.personType=user
ldap.synchronization.groupMemberAttributeName=member
ldap.synchronization.enableProgressEstimation=true
ldap.synchronization.synchronizeChangesOnly=false
ldap.synchronization.syncOnStartup=true
ldap.synchronization.syncWhenMissingPeopleLogIn=true
ldap.synchronization.autoCreatePeopleOnLogin=true
I am getting this error while in alfresco logs
2022-02-18 13:41:34,029 INFO [security.sync.ChainingUserRegistrySynchronizer] [main] Synchronizing users and groups with user registry 'ldap1'
2022-02-18 13:41:34,074 INFO [security.sync.ChainingUserRegistrySynchronizer] [main] Retrieving groups changed since Jul 26, 2021, 3:34:30 PM from user registry 'ldap1'
2022-02-18 13:41:34,122 WARN [sync.ldap.LDAPUserRegistry] [main] Failed to resolve member of group 'Users' with distinguished name: CN=S-1-5-11,CN=ForeignSecurityPrincipals,DC=elesundc,DC=local
2022-02-18 13:41:34,123 WARN [sync.ldap.LDAPUserRegistry] [main] Failed to resolve member of group 'Users' with distinguished name: CN=S-1-5-4,CN=ForeignSecurityPrincipals,DC=elesundc,DC=local
2022-02-18 13:41:34,126 WARN [sync.ldap.LDAPUserRegistry] [main] Failed to resolve member of group 'Pre-Windows 2000 Compatible Access' with distinguished name: CN=S-1-5-11,CN=ForeignSecurityPrincipals,DC=elesundc,DC=local
2022-02-18 13:41:34,129 WARN [sync.ldap.LDAPUserRegistry] [main] Failed to resolve member of group 'Windows Authorization Access Group' with distinguished name: CN=S-1-5-9,CN=ForeignSecurityPrincipals,DC=elesundc,DC=local
2022-02-18 13:41:34,130 WARN [sync.ldap.LDAPUserRegistry] [main] Failed to resolve member of group 'IIS_IUSRS' with distinguished name: CN=S-1-5-17,CN=ForeignSecurityPrincipals,DC=elesundc,DC=local
2022-02-18 13:41:34,659 ERROR [security.sync.ChainingUserRegistrySynchronizer] [main] Synchronization aborted due to error
org.alfresco.error.AlfrescoRuntimeException: 00280018 Error during LDAP Search. Reason:[LDAP: error code 1 - 00002121: SvcErr: DSID-031206BD, problem 5012 (DIR_ERROR), data 8995
]
at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.processQuery(LDAPUserRegistry.java:1346)
at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.getGroups(LDAPUserRegistry.java:714)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:476)
Caused by: javax.naming.NamingException: [LDAP: error code 1 - 00002121: SvcErr: DSID-031206BD, problem 5012 (DIR_ERROR), data 8995
]; remaining name 'CN=Wallpapergrp,OU=XXXs_Users,DC=elesundc,DC=local'
at java.naming/com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3299)
at java.naming/com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3205)
at java.naming/com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2996)
at java.naming/com.sun.jndi.ldap.LdapCtx.c_getAttributes(LdapCtx.java:1358)
at java.naming/com.sun.jndi.toolkit.ctx.ComponentDirContext.p_getAttributes(ComponentDirContext.java:235)
at java.naming/com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:141)
at java.naming/javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:152)
at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry$3.doProcess(LDAPUserRegistry.java:942)
at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry$AbstractSearchCallback.process(LDAPUserRegistry.java:1877)
at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.processQuery(LDAPUserRegistry.java:1330)
... 71 more
2022-02-18 13:41:34,691 ERROR [security.sync.ChainingUserRegistrySynchronizer] [main] Synchronization aborted due to error
org.alfresco.error.AlfrescoRuntimeException: 00280018 Error during LDAP Search. Reason:[LDAP: error code 1 - 00002121: SvcErr: DSID-031206BD, problem 5012 (DIR_ERROR), data 8995
]
at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.processQuery(LDAPUserRegistry.java:1346)
at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.getGroups(LDAPUserRegistry.java:714)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:476)
Caused by: javax.naming.NamingException: [LDAP: error code 1 - 00002121: SvcErr: DSID-031206BD, problem 5012 (DIR_ERROR), data 8995
]; remaining name 'CN=Wallpapergrp,OU=XXXs_Users,DC=elesundc,DC=local'
at java.naming/com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3299)
Caused by: javax.naming.NamingException: [LDAP: error code 1 - 00002121: SvcErr: DSID-031206BD, problem 5012 (DIR_ERROR), data 8995
]; remaining name 'CN=Wallpapergrp,OU=XXXs_Users,DC=elesundc,DC=local'
at java.naming/com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3299)
at java.naming/com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3205)
at java.naming/com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2996)
at java.naming/com.sun.jndi.ldap.LdapCtx.c_getAttributes(LdapCtx.java:1358)
at java.naming/com.sun.jndi.toolkit.ctx.ComponentDirContext.p_getAttributes(ComponentDirContext.java:235)
at java.naming/com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:141)
at java.naming/javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:152)
at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry$3.doProcess(LDAPUserRegistry.java:942)
at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry$AbstractSearchCallback.process(LDAPUserRegistry.java:1877)
at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.processQuery(LDAPUserRegistry.java:1330)
... 71 more
If anyone having solution/suggetions.
Please help here.
Thanks,
vikash
Explore our Alfresco products with the links below. Use labels to filter content by product module.