Synchronization with LDAP Server Fails with PartialResultException

Related content

  • No related content found

Still need help?

The Atlassian Community is here for you.

Ask the community

Platform Notice: Cloud and Data Center - This article applies equally to both cloud and data center platforms.

Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Symptoms

The following exception appears on atlassian-confluence.log file:

2015-02-20 04:52:46,158 INFO [scheduler_Worker-6] [atlassian.crowd.directory.DbCachingRemoteDirectory] synchroniseCache synchronisation for directory [ 98306 ] starting
2015-02-20 04:52:46,215 INFO [scheduler_Worker-6] [atlassian.crowd.directory.DbCachingRemoteDirectory] synchroniseCache failed synchronisation complete for directory [ 98306 ] in [ 57ms ]
2015-02-20 04:52:46,232 ERROR [scheduler_Worker-6] [atlassian.crowd.directory.DbCachingDirectoryPoller] pollChanges Error occurred while refreshing the cache for directory [ 98306 ].
com.atlassian.crowd.exception.OperationFailedException: org.springframework.ldap.PartialResultException: nested exception is javax.naming.PartialResultException [Root exception is javax.naming.NamingException: LDAP response read timed out, timeout used:120000ms. [Root exception is com.sun.jndi.ldap.LdapReferralException: Continuation Reference; remaining name 'DC=domain,DC=com']; remaining name '']
	at com.atlassian.crowd.directory.SpringLDAPConnector.pageSearchResults(SpringLDAPConnector.java:408)
	at com.atlassian.crowd.directory.SpringLDAPConnector.searchEntitiesWithRequestControls(SpringLDAPConnector.java:443)
	at com.atlassian.crowd.directory.SpringLDAPConnector.searchEntities(SpringLDAPConnector.java:426)
	at com.atlassian.crowd.directory.MicrosoftActiveDirectory.findAddedOrUpdatedObjectsSince(MicrosoftActiveDirectory.java:881)
	at com.atlassian.crowd.directory.MicrosoftActiveDirectory.findAddedOrUpdatedUsersSince(MicrosoftActiveDirectory.java:853)
	at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher.synchroniseUserChanges(UsnChangedCacheRefresher.java:210)
	at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher.synchroniseChanges(UsnChangedCacheRefresher.java:82)
	at com.atlassian.crowd.directory.DbCachingRemoteDirectory.synchroniseCache(DbCachingRemoteDirectory.java:993)
	at com.atlassian.crowd.manager.directory.DirectorySynchroniserImpl.synchronise(DirectorySynchroniserImpl.java:75)
	at com.atlassian.crowd.directory.DbCachingDirectoryPoller.pollChanges(DbCachingDirectoryPoller.java:50)
	at com.atlassian.crowd.manager.directory.monitor.poller.DirectoryPollerJobBean.executeInternal(DirectoryPollerJobBean.java:29)
	at org.springframework.scheduling.quartz.QuartzJobBean.execute(QuartzJobBean.java:86)
	at org.quartz.core.JobRunShell.run(JobRunShell.java:199)
	at com.atlassian.confluence.schedule.quartz.ConfluenceQuartzThreadPool$1.run(ConfluenceQuartzThreadPool.java:20)
	at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:549)
Caused by: org.springframework.ldap.PartialResultException: nested exception is javax.naming.PartialResultException [Root exception is javax.naming.NamingException: LDAP response read timed out, timeout used:120000ms. [Root exception is com.sun.jndi.ldap.LdapReferralException: Continuation Reference; remaining name 'DC=domain,DC=com']; remaining name '']
	at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:205)
	at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:315)
	at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:237)
	at com.atlassian.crowd.directory.ldap.LdapTemplateWithClassLoaderWrapper$4.call(LdapTemplateWithClassLoaderWrapper.java:99)
	at com.atlassian.crowd.directory.ldap.LdapTemplateWithClassLoaderWrapper$4.call(LdapTemplateWithClassLoaderWrapper.java:96)
	at com.atlassian.crowd.directory.ldap.LdapTemplateWithClassLoaderWrapper.invokeWithContextClassLoader(LdapTemplateWithClassLoaderWrapper.java:54)
	at com.atlassian.crowd.directory.ldap.LdapTemplateWithClassLoaderWrapper.search(LdapTemplateWithClassLoaderWrapper.java:96)
	at com.atlassian.crowd.directory.SpringLDAPConnector.pageSearchResults(SpringLDAPConnector.java:372)
	... 14 more
Caused by: javax.naming.PartialResultException [Root exception is javax.naming.NamingException: LDAP response read timed out, timeout used:120000ms. [Root exception is com.sun.jndi.ldap.LdapReferralException: Continuation Reference; remaining name 'DC=domain,DC=com']; remaining name '']
	at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreImpl(Unknown Source)
	at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreReferrals(Unknown Source)
	at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreImpl(Unknown Source)
	at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreReferrals(Unknown Source)
	at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreImpl(Unknown Source)
	at com.sun.jndi.ldap.LdapNamingEnumeration.hasMore(Unknown Source)
	at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:295)
	... 20 more
Caused by: javax.naming.NamingException: LDAP response read timed out, timeout used:120000ms. [Root exception is com.sun.jndi.ldap.LdapReferralException: Continuation Reference; remaining name 'DC=domain,DC=com']; remaining name ''
	at com.sun.jndi.ldap.Connection.readReply(Unknown Source)
	at com.sun.jndi.ldap.LdapClient.getSearchReply(Unknown Source)
	at com.sun.jndi.ldap.LdapClient.search(Unknown Source)
	at com.sun.jndi.ldap.LdapCtx.doSearch(Unknown Source)
	at com.sun.jndi.ldap.LdapCtx.searchAux(Unknown Source)
	at com.sun.jndi.ldap.LdapCtx.c_search(Unknown Source)
	at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(Unknown Source)
	at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(Unknown Source)
	at com.sun.jndi.ldap.LdapReferralContext.search(Unknown Source)
	at com.sun.jndi.ldap.LdapSearchEnumeration.getReferredResults(Unknown Source)
	at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreReferrals(Unknown Source)
	... 27 more
Caused by: com.sun.jndi.ldap.LdapReferralException: Continuation Reference; remaining name 'DC=domain,DC=com'
	at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
	at com.sun.jndi.ldap.LdapCtx.processhttps://confluence.atlassian.com/display/STASHKB/Synchronization+with+LDAP+Server+Fails+with+PartialResultExceptionReturnCode(Unknown Source)
	at com.sun.jndi.ldap.LdapNamingEnumeration.getNextBatch(Unknown Source)
	... 23 more

Cause

Seems to be related to this bug: CONFSERVER-24460 - LDAP Synchronisation can fail unexpectedly due to mistiming in the "LDAP response read time out"


Resolution

1. Turn off Follow Referrals (Confluence Admin >> User Directories >> Edit the LDAP entry >> Advanced Settings >> Uncheck Follow Referrals).
2. Check if those users are members of confluence-users group through a nested group, or if they are there directly. Nested Groups is disabled, so if they are members of a nested group you'll need to enable that option under Advanced Settings as well.
3. Sync the directory again.
4. If it doesn't help, try to clear the plugin cache - Embedded Crowd is a plugin, so it's possible that there's something corrupted in there.

5. If that also doesn't help, let's recreate the LDAP directory and remove the old one (make sure to re-enable the internal one first so you don't lock yourself out of Confluence). Don't enable Follow Referrals unless it's definitely required.

Last modified on Feb 18, 2025

Was this helpful?

Yes
No
Provide feedback about this article

Related content

  • No related content found
Powered by Confluence and Scroll Viewport.