java.net.NoRouteToHostException in LDAP connection
Platform notice: Server and Data Center only. This article only applies to Atlassian products on the Server and Data Center platforms.
Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Symptoms
There could be several symptoms to this problem :
- JIRA is not able to connect to LDAP, or
- Users are not able to login, or
- Not able to add user directory.
The following appears in the atlassian-jira.log:
Caused by: org.springframework.ldap.PartialResultException: nested exception is javax.naming.PartialResultException [Root exception is javax.naming.CommunicationException: ABC.PQR:389 [Root exception is java.net.NoRouteToHostException: No route to host]]
at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:205)
at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:315)
Cause
JIRA is not able to connect to the LDAP server because it is not able to resolve the path that it can use to the LDAP/Active Directory server.
There can be several reasons for this :
- There might be a reverse proxy in place that is blocking the connection
- There might be a firewall in place between the servers that is blocking the port
- JIRA server not being able to resolve the hostname of the LDAP server correctly, etc
- There may be HTTP Access policies being pushed from ActiveDirectory, or puppet (preventing access to the LDAP Server)
- Overloaded domain controller, which caused JIRAs timeouts.
Having said this, this is a network issue instead of a JIRA issue.
Resolution
Try the following steps to identify the problem :
ping ABC.PQR
telnet ABC.PQR 389
- After the network issue is resolved, please login with a JIRA internal user
Delete the current LDAP connection
- Set up a new one with the same credentials
- Define a new, less loaded controller in configuration