JIRA Connection reset error when synchronising with Active Directory 2012r2

お困りですか?

アトラシアン コミュニティをご利用ください。

コミュニティに質問

 

問題

When trying to synchronise the Active Directory 2012r2 user directory, the sync fails with Connection Reset error.

The following appears in the atlassian-jira.log

2015-06-14 23:20:47,244 atlassian-scheduler-quartz1.clustered_Worker-3 ERROR ServiceRunner     [com.atlassian.scheduler.JobRunnerResponse] Unable to synchronise directory
org.springframework.ldap.CommunicationException: xxx.xxxx.xx.xx:636; nested exception is javax.naming.CommunicationException: xxx.xxxx.xx.xx:636 [Root exception is java.net.SocketException: Connection reset]
	at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:108)
...
ansactionAwareContextSourceProxy.getReadOnlyContext(TransactionAwareContextSourceProxy.java:61)
	at org.springframework.ldap.core.LdapTemplate.executeReadOnly(LdapTemplate.java:802)
	at org.springframework.ldap.core.LdapTemplate.lookup(LdapTemplate.java:935)
	at com.atlassian.crowd.directory.ldap.SpringLdapTemplateWrapper$9.timedCall(SpringLdapTemplateWrapper.java:286)
	at com.atlassian.crowd.directory.ldap.SpringLdapTemplateWrapper$TimedCallable.call(SpringLdapTemplateWrapper.java:124)
	at com.atlassian.crowd.directory.ldap.SpringLdapTemplateWrapper.invokeWithContextClassLoader(SpringLdapTemplateWrapper.java:87)
	at com.atlassian.crowd.directory.ldap.SpringLdapTemplateWrapper.lookup(SpringLdapTemplateWrapper.java:282)
	at com.atlassian.crowd.directory.RFC4519Directory.findDirectMembersOfGroup(RFC4519Directory.java:959)
	at com.atlassian.crowd.directory.MicrosoftActiveDirectory.findDirectMembersOfGroup(MicrosoftActiveDirectory.java:516)
	at com.atlassian.crowd.directory.RFC4519DirectoryMembershipsIterable$2.apply(RFC4519DirectoryMembershipsIterable.java:78)
	at com.atlassian.crowd.directory.RFC4519DirectoryMembershipsIterable$2.apply(RFC4519DirectoryMembershipsIterable.java:70)
	at com.google.common.collect.Iterators$8.next(Iterators.java:812)
	at com.atlassian.crowd.directory.ldap.cache.AbstractCacheRefresher.synchroniseMemberships(AbstractCacheRefresher.java:196)
	at com.atlassian.crowd.directory.ldap.cache.AbstractCacheRefresher.synchroniseAll(AbstractCacheRefresher.java:98)
	at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher.synchroniseAll(UsnChangedCacheRefresher.java:168)
	at com.atlassian.crowd.directory.DbCachingRemoteDirectory.synchroniseCache(DbCachingRemoteDirectory.java:1122)
	at com.atlassian.crowd.manager.directory.DirectorySynchroniserImpl.synchronise(DirectorySynchroniserImpl.java:76)
	at com.atlassian.jira.crowd.embedded.JiraDirectorySynchroniser.synchronizeDirectory(JiraDirectorySynchroniser.java:96)
	at com.atlassian.jira.crowd.embedded.JiraDirectorySynchroniser.runJob(JiraDirectorySynchroniser.java:60)
	at com.atlassian.scheduler.core.JobLauncher.runJob(JobLauncher.java:136)
	at com.atlassian.scheduler.core.JobLauncher.launchAndBuildResponse(JobLauncher.java:101)
	at com.atlassian.scheduler.core.JobLauncher.launch(JobLauncher.java:80)
	at com.atlassian.scheduler.quartz1.Quartz1Job.execute(Quartz1Job.java:32)
	at org.quartz.core.JobRunShell.run(JobRunShell.java:223)
	at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:549)
Caused by: javax.naming.CommunicationException: xxx.xxxx.xx.xx:636 [Root exception is java.net.SocketException: Connection reset]
	at com.sun.jndi.ldap.Connection.<init>(Connection.java:226)
	at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:137)
	at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1613)
	at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2746)
	at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:319)
	at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:210)
	at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:153)
	at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:83)
	at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684)
	at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313)
	at javax.naming.InitialContext.init(InitialContext.java:244)
	at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154)
	at org.springframework.ldap.core.support.LdapContextSource.getDirContextInstance(LdapContextSource.java:42)
	at org.springframework.ldap.core.support.AbstractContextSource.createContext(AbstractContextSource.java:344)
	... 28 more
Caused by: java.net.SocketException: Connection reset
	at java.net.SocketInputStream.read(SocketInputStream.java:209)
	at java.net.SocketInputStream.read(SocketInputStream.java:141)
	at sun.security.ssl.InputRecord.readFully(InputRecord.java:465)
	at sun.security.ssl.InputRecord.read(InputRecord.java:503)
	at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:961)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1391)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1375)
	at com.sun.jndi.ldap.Connection.createSocket(Connection.java:376)
	at com.sun.jndi.ldap.Connection.<init>(Connection.java:203)
	... 42 more

診断

環境

原因

There are known issues with Java 8 and TLSv1.2 causing connecting reset when attempting to connect. Please see:

回避策

Add the following Java argument, to force using TLSv1.0, as following Setting Properties and Options on Startup

-Djdk.tls.client.protocols=TLSv1

最終更新日 2017 年 8 月 31 日

この内容はお役に立ちましたか?

はい
いいえ
この記事についてのフィードバックを送信する
Powered by Confluence and Scroll Viewport.