Hello ,
i have some problem with sync LDAP .
Alfresco start to sync but failed.
2023-09-19 10:07:50,044 INFO [management.subsystems.ChildApplicationContextFactory] [http-nio-8080-exec-5] Startup of 'Search' subsystem, ID: [Search, managed, solr6] complete 2023-09-19T10:08:54.730817023Z 2023-09-19 10:08:54,730 INFO [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronizing users and groups with user registry 'ldap1-ad' 2023-09-19T10:08:54.730856122Z 2023-09-19 10:08:54,730 WARN [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Some users and groups previously created by synchronization with this user registry may be removed. 2023-09-19T10:08:54.778505718Z 2023-09-19 10:08:54,778 INFO [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Retrieving all groups from user registry 'ldap1-ad' 2023-09-19T10:10:55.310029421Z 2023-09-19 10:10:55,309 WARN [sync.ldap.LDAPUserRegistry] [DefaultScheduler_Worker-3] Failed to resolve member of group 'zzzzRecettes-iTop' with distinguished name: CN=Thomas FERRAZ - Teamwork,OU=ou_Contacts_Externe,OU=ZAdminAlptis,DC=alptis,DC=local 2023-09-19T10:11:12.602004506Z 2023-09-19 10:11:12,601 INFO [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization,Category=directory,id1=ldap1-ad,id2=1 Group Analysis: Commencing batch of 1447 entries 2023-09-19T10:11:13.054824493Z 2023-09-19 10:11:13,054 INFO [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization,Category=directory,id1=ldap1-ad,id2=1 Group Analysis: Processed 100 entries out of 1447. 7% complete. Rate: 220 per second. 0 failures detected. 2023-09-19T10:11:13.447487759Z 2023-09-19 10:11:13,447 INFO [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization,Category=directory,id1=ldap1-ad,id2=1 Group Analysis: Processed 200 entries out of 1447. 14% complete. Rate: 236 per second. 0 failures detected. 2023-09-19T10:11:13.812573178Z 2023-09-19 10:11:13,812 INFO [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization,Category=directory,id1=ldap1-ad,id2=1 Group Analysis: Processed 300 entries out of 1447. 21% complete. Rate: 247 per second. 0 failures detected. 2023-09-19T10:11:14.201224373Z 2023-09-19 10:11:14,200 INFO [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization,Category=directory,id1=ldap1-ad,id2=1 Group Analysis: Processed 400 entries out of 1447. 28% complete. Rate: 250 per second. 0 failures detected. 2023-09-19T10:11:14.556970721Z 2023-09-19 10:11:14,556 INFO [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization,Category=directory,id1=ldap1-ad,id2=1 Group Analysis: Processed 500 entries out of 1447. 35% complete. Rate: 255 per second. 0 failures detected. 2023-09-19T10:11:15.012058635Z 2023-09-19 10:11:15,011 INFO [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization,Category=directory,id1=ldap1-ad,id2=1 Group Analysis: Processed 600 entries out of 1447. 41% complete. Rate: 248 per second. 0 failures detected. 2023-09-19T10:11:15.443136710Z 2023-09-19 10:11:15,442 INFO [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization,Category=directory,id1=ldap1-ad,id2=1 Group Analysis: Processed 700 entries out of 1447. 48% complete. Rate: 246 per second. 0 failures detected. 2023-09-19T10:11:16.302546563Z 2023-09-19 10:11:16,302 INFO [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization,Category=directory,id1=ldap1-ad,id2=1 Group Analysis: Processed 800 entries out of 1447. 55% complete. Rate: 216 per second. 0 failures detected. 2023-09-19T10:11:16.699533387Z 2023-09-19 10:11:16,699 INFO [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization,Category=directory,id1=ldap1-ad,id2=1 Group Analysis: Processed 900 entries out of 1447. 62% complete. Rate: 219 per second. 0 failures detected. 2023-09-19T10:11:17.032435260Z 2023-09-19 10:11:17,032 INFO [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization,Category=directory,id1=ldap1-ad,id2=1 Group Analysis: Processed 1000 entries out of 1447. 69% complete. Rate: 225 per second. 0 failures detected. 2023-09-19T10:11:17.287481586Z 2023-09-19 10:11:17,287 INFO [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization,Category=directory,id1=ldap1-ad,id2=1 Group Analysis: Processed 1100 entries out of 1447. 76% complete. Rate: 234 per second. 0 failures detected. 2023-09-19T10:11:17.764118244Z 2023-09-19 10:11:17,763 INFO [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization,Category=directory,id1=ldap1-ad,id2=1 Group Analysis: Processed 1200 entries out of 1447. 83% complete. Rate: 232 per second. 0 failures detected. 2023-09-19T10:11:18.089037550Z 2023-09-19 10:11:18,088 INFO [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization,Category=directory,id1=ldap1-ad,id2=1 Group Analysis: Processed 1300 entries out of 1447. 90% complete. Rate: 236 per second. 0 failures detected. 2023-09-19T10:11:18.427441426Z 2023-09-19 10:11:18,427 INFO [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization,Category=directory,id1=ldap1-ad,id2=1 Group Analysis: Processed 1400 entries out of 1447. 97% complete. Rate: 240 per second. 0 failures detected. 2023-09-19T10:11:18.541540425Z 2023-09-19 10:11:18,541 INFO [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization,Category=directory,id1=ldap1-ad,id2=1 Group Analysis: Processed 1447 entries out of 1447. 100% complete. Rate: 243 per second. 0 failures detected. 2023-09-19T10:11:18.541569975Z 2023-09-19 10:11:18,541 INFO [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization,Category=directory,id1=ldap1-ad,id2=1 Group Analysis: Completed batch of 1447 entries 2023-09-19T10:12:22.784214830Z 2023-09-19 10:12:22,781 ERROR [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization aborted due to error 2023-09-19T10:12:22.784275750Z org.alfresco.error.AlfrescoRuntimeException: 08190033 Error during LDAP Search. Reason:null 2023-09-19T10:12:22.784284995Z at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.processQuery(LDAPUserRegistry.java:1346) 2023-09-19T10:12:22.784289365Z at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.getPersonNames(LDAPUserRegistry.java:584) 2023-09-19T10:12:22.784305878Z at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer$1Analyzer.processGroups(ChainingUserRegistrySynchronizer.java:1500) 2023-09-19T10:12:22.784308809Z at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer$1Analyzer.access$5(ChainingUserRegistrySynchronizer.java:1465) 2023-09-19T10:12:22.784311069Z at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.syncWithPlugin(ChainingUserRegistrySynchronizer.java:1751) 2023-09-19T10:12:22.784313185Z at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.synchronizeInternal(ChainingUserRegistrySynchronizer.java:739) 2023-09-19T10:12:22.784315512Z at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.synchronize(ChainingUserRegistrySynchronizer.java:471) 2023-09-19T10:12:22.784317797Z at org.alfresco.repo.security.sync.UserRegistrySynchronizerJob$1.doWork(UserRegistrySynchronizerJob.java:53) 2023-09-19T10:12:22.784319884Z at org.alfresco.repo.security.authentication.AuthenticationUtil.runAs(AuthenticationUtil.java:602) 2023-09-19T10:12:22.784322799Z at org.alfresco.repo.security.sync.UserRegistrySynchronizerJob.execute(UserRegistrySynchronizerJob.java:49) 2023-09-19T10:12:22.784324851Z at org.quartz.core.JobRunShell.run(JobRunShell.java:202) 2023-09-19T10:12:22.784326847Z at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:573) 2023-09-19T10:12:22.784328797Z Caused by: javax.naming.PartialResultException [Root exception is javax.naming.CommunicationException: entreprise.local:389 [Root exception is java.net.ConnectException: Connection refused (Connection refused)]] 2023-09-19T10:12:22.784330938Z at java.naming/com.sun.jndi.ldap.AbstractLdapNamingEnumeration.hasMoreImpl(AbstractLdapNamingEnumeration.java:237) 2023-09-19T10:12:22.784332951Z at java.naming/com.sun.jndi.ldap.AbstractLdapNamingEnumeration.hasMore(AbstractLdapNamingEnumeration.java:189) 2023-09-19T10:12:22.784336844Z at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.processQuery(LDAPUserRegistry.java:1327) 2023-09-19T10:12:22.784339010Z ... 11 more 2023-09-19T10:12:22.784340948Z Caused by: javax.naming.CommunicationException: entreprise.local:389 [Root exception is java.net.ConnectException: Connection refused (Connection refused)] 2023-09-19T10:12:22.784343007Z at java.naming/com.sun.jndi.ldap.LdapReferralContext.<init>(LdapReferralContext.java:96) 2023-09-19T10:12:22.784345094Z at java.naming/com.sun.jndi.ldap.LdapReferralException.getReferralContext(LdapReferralException.java:151) 2023-09-19T10:12:22.784347055Z at java.naming/com.sun.jndi.ldap.AbstractLdapNamingEnumeration.hasMoreReferrals(AbstractLdapNamingEnumeration.java:325) 2023-09-19T10:12:22.784371734Z at java.naming/com.sun.jndi.ldap.AbstractLdapNamingEnumeration.hasMoreImpl(AbstractLdapNamingEnumeration.java:227) 2023-09-19T10:12:22.784376002Z ... 13 more 2023-09-19T10:12:22.784378183Z Caused by: java.net.ConnectException: Connection refused (Connection refused) 2023-09-19T10:12:22.784380279Z at java.base/java.net.PlainSocketImpl.socketConnect(Native Method) 2023-09-19T10:12:22.784386579Z at java.base/java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:399) 2023-09-19T10:12:22.784388849Z at java.base/java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:242) 2023-09-19T10:12:22.784390820Z at java.base/java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:224) 2023-09-19T10:12:22.784392825Z at java.base/java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) 2023-09-19T10:12:22.784394772Z at java.base/java.net.Socket.connect(Socket.java:609) 2023-09-19T10:12:22.784396660Z at java.base/java.net.Socket.connect(Socket.java:558) 2023-09-19T10:12:22.784398447Z at java.base/java.net.Socket.<init>(Socket.java:454) 2023-09-19T10:12:22.784400499Z at java.base/java.net.Socket.<init>(Socket.java:231) 2023-09-19T10:12:22.784402403Z at java.naming/com.sun.jndi.ldap.Connection.createSocket(Connection.java:345) 2023-09-19T10:12:22.784404310Z at java.naming/com.sun.jndi.ldap.Connection.<init>(Connection.java:231) 2023-09-19T10:12:22.784442419Z at java.naming/com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:137) 2023-09-19T10:12:22.784460807Z at java.naming/com.sun.jndi.ldap.LdapClientFactory.createPooledConnection(LdapClientFactory.java:64) 2023-09-19T10:12:22.784475214Z at java.naming/com.sun.jndi.ldap.pool.Connections.<init>(Connections.java:114) 2023-09-19T10:12:22.784484519Z at java.naming/com.sun.jndi.ldap.pool.Pool.getPooledConnection(Pool.java:136) 2023-09-19T10:12:22.784493686Z at java.naming/com.sun.jndi.ldap.LdapPoolManager.getLdapClient(LdapPoolManager.java:340) 2023-09-19T10:12:22.784620914Z at java.naming/com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1608) 2023-09-19T10:12:22.784662831Z at java.naming/com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2847) 2023-09-19T10:12:22.784684381Z at java.naming/com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:348) 2023-09-19T10:12:22.784702073Z at java.naming/com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxFromUrl(LdapCtxFactory.java:262) 2023-09-19T10:12:22.784732662Z at java.naming/com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:226) 2023-09-19T10:12:22.784745989Z at java.naming/com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:183) 2023-09-19T10:12:22.784780532Z at java.naming/com.sun.jndi.url.ldap.ldapURLContextFactory.getObjectInstance(ldapURLContextFactory.java:52) 2023-09-19T10:12:22.784806426Z at java.naming/javax.naming.spi.NamingManager.getURLObject(NamingManager.java:624) 2023-09-19T10:12:22.784831167Z at java.naming/javax.naming.spi.NamingManager.processURL(NamingManager.java:401) 2023-09-19T10:12:22.784879106Z at java.naming/javax.naming.spi.NamingManager.processURLAddrs(NamingManager.java:381) 2023-09-19T10:12:22.784916477Z at java.naming/javax.naming.spi.NamingManager.getObjectInstance(NamingManager.java:353) 2023-09-19T10:12:22.785048548Z at java.naming/com.sun.jndi.ldap.LdapReferralContext.<init>(LdapReferralContext.java:119) 2023-09-19T10:12:22.785072289Z ... 16 more 2023-09-19T10:12:22.806742581Z 2023-09-19 10:12:22,806 ERROR [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization aborted due to error 2023-09-19T10:12:22.806775031Z org.alfresco.error.AlfrescoRuntimeException: 08190033 Error during LDAP Search. Reason:null 2023-09-19T10:12:22.806778632Z at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.processQuery(LDAPUserRegistry.java:1346) 2023-09-19T10:12:22.806781025Z at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.getPersonNames(LDAPUserRegistry.java:584) 2023-09-19T10:12:22.806783194Z at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer$1Analyzer.processGroups(ChainingUserRegistrySynchronizer.java:1500)
.... 2023-09-19T10:12:22.814202259Z at java.naming/javax.naming.spi.NamingManager.getObjectInstance(NamingManager.java:353) 2023-09-19T10:12:22.814244642Z at java.naming/com.sun.jndi.ldap.LdapReferralContext.<init>(LdapReferralContext.java:119) 2023-09-19T10:12:22.814275667Z ... 16 more Caused by: javax.naming.CommunicationException: entreprise.local:389 [Root exception is java.net.ConnectException: Connection refused (Connection refused)] 2023-09-19T10:12:22.806817166Z at java.naming/com.sun.jndi.ldap.LdapReferralContext.<init>(LdapReferralContext.java:96)
Log alfresco try to connect to entreprise.local:389 but real url set is ldap://masterad.infra.entreprise.local:389
but have this error :
2023-09-19T10:12:22.784214830Z 2023-09-19 10:12:22,781 ERROR [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-3] Synchronization aborted due to error
2023-09-19T10:12:22.784275750Z org.alfresco.error.AlfrescoRuntimeException: 08190033 Error during LDAP Search. Reason:null
someone can help me ?
thx a lot
Connection refused
Check the connection and authantication first. Look into LDAP server logs too.
It you want to get help here, please add you LDAP configuration.
If you suspect the wrong host, check your ldap.authentication.java.naming.provider.url propertie. You can do it, for example, with OOTBee Support Tools in the https://your-domain.com/alfresco/s/ootbee/admin/system-information.
Alfresco start to sync users + groups and crash.
# désactivation de la création automatique de personne
# sinon une personne connue de kerberos mais pas de la synchro serai quand même créée
synchronization.autoCreatePeopleOnLogin=false
# permet d'activer/déactiver la synchronisation LDAP au démarrage de la ged
synchronization.syncOnStartup=false
synchronization.synchronizeChangesOnly=true
# Authentification LDAP
ldap.authentication.active=false
ldap.authentication.allowGuestLogin=false
# Formatage du nom d?utilisateur Alptis
ldap.authentication.userNameFormat=%s@alptis.local
# URL d?accès au LDAP
ldap.authentication.java.naming.provider.url=ldap://masterad.infra.entreprise.local:389
# LDAP Principal utilisé pour la connexion au LDAP
ldap.synchronization.java.naming.security.principal=alfresco_adm@entreprise.local
ldap.synchronization.java.naming.security.credentials=********
# Attribut permettant de déclencher la synchronisation différentielle
ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp
# Requêtes LDAP permettant de définir la liste des groupes LDAP à synchroniser & requêtes différentielles & complètes
ldap.synchronization.groupSearchBase=ou=uo_groupes_globaux, ou=ZAdminAlptis, dc=alptis, dc=local
ldap.synchronization.groupQuery=(objectclass\=group)
ldap.synchronization.groupDifferentialQuery=(&(objectclass\=group)(!(modifyTimestamp<\={0})))
# Requêtes LDAP permettant de définir la liste des utilisateurs LDAP à synchroniser & requêtes différentielles & complètes
ldap.synchronization.userSearchBase=dc=alptis, dc=local
ldap.synchronization.personQuery=(&(objectClass=user)(objectCategory=person)(l=*)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
ldap.synchronization.personDifferentialQuery=(&(objectClass=user)(objectCategory=person)(l=*)(!(userAccountControl:1.2.840.113556.1.4.803:=2))(!(modifyTimestamp<\={0})))
Ask for and offer help to other Alfresco Content Services Users and members of the Alfresco team.
Related links:
By using this site, you are agreeing to allow us to collect and use cookies as outlined in Alfresco’s Cookie Statement and Terms of Use (and you have a legitimate interest in Alfresco and our products, authorizing us to contact you in such methods). If you are not ok with these terms, please do not use this website.