LDAP : ChainingUserRegistrySynchronizer [main] Synchronization aborted due to error

cancel
Showing results for 
Search instead for 
Did you mean: 
vikash_patel
Established Member II

LDAP : ChainingUserRegistrySynchronizer [main] Synchronization aborted due to error

Hello Team I am getting belows errors while server startup, I have configured the ldap-ad,

My ldap properties

/opt/alfresco/tomcat/shared/classes/alfresco/extension/subsystems/Authentication/ldap-ad/ldap1/ldap-authentication.properties
### ldap authentication ###

authentication.chain=alfrescoNtlm1:alfrescoNtlm,ldap1:ldap-ad

ldap.authentication.active=true

ldap.authentication.allowGuestLogin=false

ldap.authentication.userNameFormat=%s@elesundc.local

ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory

ldap.authentication.java.naming.provider.url=ldap://X.X.X.X:389

ldap.authentication.java.naming.security.authentication=simple

ldap.authentication.escapeCommasInBind=false

ldap.authentication.escapeCommasInUid=false

ldap.authentication.defaultAdministratorUserNames=Administrator,Alfresco

ldap.synchronization.active=true

ldap.synchronization.java.naming.security.authentication=simple

ldap.synchronization.java.naming.security.principal=Alfresco@elesundc.local

ldap.synchronization.java.naming.security.credentials=XXXXX

ldap.synchronization.queryBatchSize=70000

ldap.synchronization.attributeBatchSize=70000

ldap.synchronization.groupQuery=(objectClass\=group)

#ldap.synchronization.groupDifferentialQuery=(&(objectClass\=group)(!(whenChanged<\={0})))

ldap.synchronization.groupDifferentialQuery=(&(objectClass\=group))

ldap.synchronization.personQuery=(&(|(objectClass\=user)(objectCategory\=CN\=Person,CN\=Schema,CN\=Configuration,DC\=elesundc,DC\=local))(userAccountControl\:1.2.840.113556.1.4.803\:\=512))

#ldap.synchronization.personDifferentialQuery=(&(|(objectClass\=user)(objectCategory\=CN\=Person,CN\=Schema,CN\=Configuration,DC\=elesundc,DC\=local))(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(!(whenChanged<\={0})))

ldap.synchronization.personDifferentialQuery=(&(|(objectClass\=user)(objectCategory\=CN\=Person,CN\=Schema,CN\=Configuration,DC\=elesundc,DC\=local))(userAccountControl\:1.2.840.113556.1.4.803\:\=512))

ldap.synchronization.groupSearchBase=dc\=elesundc

ldap.synchronization.userSearchBase=dc\=elesundc,dc\=local

ldap.synchronization.modifyTimestampAttributeName=whenChanged

ldap.synchronization.timestampFormat=yyyyMMddHHmmss'.0Z'

ldap.synchronization.userIdAttributeName=sAMAccountName

ldap.synchronization.userFirstNameAttributeName=givenName

ldap.synchronization.userLastNameAttributeName=sn

ldap.synchronization.userEmailAttributeName=mail

ldap.synchronization.userOrganizationalIdAttributeName=company

ldap.synchronization.defaultHomeFolderProvider=largeHomeFolderProvider

ldap.synchronization.groupIdAttributeName=cn

ldap.synchronization.groupDisplayNameAttributeName=displayName

ldap.synchronization.groupType=group

ldap.synchronization.personType=user

ldap.synchronization.groupMemberAttributeName=member

ldap.synchronization.enableProgressEstimation=true

ldap.synchronization.synchronizeChangesOnly=false

ldap.synchronization.syncOnStartup=true

ldap.synchronization.syncWhenMissingPeopleLogIn=true

ldap.synchronization.autoCreatePeopleOnLogin=true



I am getting this error while in alfresco logs

2022-02-18 13:41:34,029 INFO [security.sync.ChainingUserRegistrySynchronizer] [main] Synchronizing users and groups with user registry 'ldap1'
2022-02-18 13:41:34,074 INFO [security.sync.ChainingUserRegistrySynchronizer] [main] Retrieving groups changed since Jul 26, 2021, 3:34:30 PM from user registry 'ldap1'
2022-02-18 13:41:34,122 WARN [sync.ldap.LDAPUserRegistry] [main] Failed to resolve member of group 'Users' with distinguished name: CN=S-1-5-11,CN=ForeignSecurityPrincipals,DC=elesundc,DC=local
2022-02-18 13:41:34,123 WARN [sync.ldap.LDAPUserRegistry] [main] Failed to resolve member of group 'Users' with distinguished name: CN=S-1-5-4,CN=ForeignSecurityPrincipals,DC=elesundc,DC=local
2022-02-18 13:41:34,126 WARN [sync.ldap.LDAPUserRegistry] [main] Failed to resolve member of group 'Pre-Windows 2000 Compatible Access' with distinguished name: CN=S-1-5-11,CN=ForeignSecurityPrincipals,DC=elesundc,DC=local
2022-02-18 13:41:34,129 WARN [sync.ldap.LDAPUserRegistry] [main] Failed to resolve member of group 'Windows Authorization Access Group' with distinguished name: CN=S-1-5-9,CN=ForeignSecurityPrincipals,DC=elesundc,DC=local
2022-02-18 13:41:34,130 WARN [sync.ldap.LDAPUserRegistry] [main] Failed to resolve member of group 'IIS_IUSRS' with distinguished name: CN=S-1-5-17,CN=ForeignSecurityPrincipals,DC=elesundc,DC=local
2022-02-18 13:41:34,659 ERROR [security.sync.ChainingUserRegistrySynchronizer] [main] Synchronization aborted due to error
org.alfresco.error.AlfrescoRuntimeException: 00280018 Error during LDAP Search. Reason:[LDAP: error code 1 - 00002121: SvcErr: DSID-031206BD, problem 5012 (DIR_ERROR), data 8995
]
at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.processQuery(LDAPUserRegistry.java:1346)
at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.getGroups(LDAPUserRegistry.java:714)

at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:476)
Caused by: javax.naming.NamingException: [LDAP: error code 1 - 00002121: SvcErr: DSID-031206BD, problem 5012 (DIR_ERROR), data 8995
]; remaining name 'CN=Wallpapergrp,OU=XXXs_Users,DC=elesundc,DC=local'
at java.naming/com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3299)
at java.naming/com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3205)
at java.naming/com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2996)
at java.naming/com.sun.jndi.ldap.LdapCtx.c_getAttributes(LdapCtx.java:1358)
at java.naming/com.sun.jndi.toolkit.ctx.ComponentDirContext.p_getAttributes(ComponentDirContext.java:235)
at java.naming/com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:141)
at java.naming/javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:152)
at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry$3.doProcess(LDAPUserRegistry.java:942)
at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry$AbstractSearchCallback.process(LDAPUserRegistry.java:1877)
at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.processQuery(LDAPUserRegistry.java:1330)
... 71 more
2022-02-18 13:41:34,691 ERROR [security.sync.ChainingUserRegistrySynchronizer] [main] Synchronization aborted due to error
org.alfresco.error.AlfrescoRuntimeException: 00280018 Error during LDAP Search. Reason:[LDAP: error code 1 - 00002121: SvcErr: DSID-031206BD, problem 5012 (DIR_ERROR), data 8995
]
at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.processQuery(LDAPUserRegistry.java:1346)
at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.getGroups(LDAPUserRegistry.java:714)

at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:476)
Caused by: javax.naming.NamingException: [LDAP: error code 1 - 00002121: SvcErr: DSID-031206BD, problem 5012 (DIR_ERROR), data 8995
]; remaining name 'CN=Wallpapergrp,OU=XXXs_Users,DC=elesundc,DC=local'
at java.naming/com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3299)

Caused by: javax.naming.NamingException: [LDAP: error code 1 - 00002121: SvcErr: DSID-031206BD, problem 5012 (DIR_ERROR), data 8995
]; remaining name 'CN=Wallpapergrp,OU=XXXs_Users,DC=elesundc,DC=local'
at java.naming/com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3299)
at java.naming/com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3205)
at java.naming/com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2996)
at java.naming/com.sun.jndi.ldap.LdapCtx.c_getAttributes(LdapCtx.java:1358)
at java.naming/com.sun.jndi.toolkit.ctx.ComponentDirContext.p_getAttributes(ComponentDirContext.java:235)
at java.naming/com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:141)
at java.naming/javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:152)
at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry$3.doProcess(LDAPUserRegistry.java:942)
at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry$AbstractSearchCallback.process(LDAPUserRegistry.java:1877)
at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.processQuery(LDAPUserRegistry.java:1330)
... 71 more

If anyone having solution/suggetions.
Please help here.

Thanks,
vikash