InvalidSearchFilterException: Empty filter when Synchronising LDAP
症状
When synchronising the LDAP directory, the synchronisation fails with this in logs:
atlassian-confluence.log に次のエラーが返される。
2012-01-17 13:18:48,791 ERROR [QuartzScheduler_Worker-9] [atlassian.crowd.directory.DbCachingDirectoryPoller] pollChanges Error occurred while refreshing the cache for directory [ 31031297 ].
com.atlassian.crowd.exception.OperationFailedException: java.util.concurrent.ExecutionException: com.atlassian.crowd.exception.OperationFailedException: org.springframework.ldap.InvalidSearchFilterException: Empty filter; nested exception is javax.naming.directory.InvalidSearchFilterException: Empty filter; remaining name 'DC=example,DC=com'原因
- One of the following fields is blank:
- ユーザー オブジェクト フィルタ
- グループ オブジェクト フィルター
- Roles are enabled. This has been deprecated for quite some time and should always be disabled.
ソリューション
For Cause 1
- Edit the LDAP directory configuration and populate the offending field as necessary. More information on the fields here: Connecting to an LDAP Directory
For Cause 2
- Create a new LDAP directory. By default, the ldap.roles.disabled will be set to true.
- Otherwise, disable Roles in your current LDAP directory configuration. As there is no way to do this in the interface, this will require manual database edits. Here is the SQL query to return that attribute's information:
Backup your database firstselect * from cwd_directory_attribute where attribute_name = 'ldap.roles.disabled';- Notice that the attribute_value column is showing false
- You'll want to run an update statement to set the attribute_value to true
Last modified on Mar 30, 2016
Powered by Confluence and Scroll Viewport.