Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

SOLVED

AEM6.5 ldap integration

Avatar

Level 5

Hello,

 

I want to using AEM 6.5 intern compoent to synchronise groups and users from active directory. I followed the steps from

https://experienceleague.adobe.com/docs/experience-manager-64/administering/security/ldap-config.htm... and

https://aem4beginner.blogspot.com/aem-with-ldap-integration .

After this I set up a local instance for a dry test. When I called syncAllExternalUsers() following error will be shown:

 

org.apache.jackrabbit.oak.spi.security.authentication.external.impl.jmx.SyncRuntimeException: Unable to retrieve external users
	at org.apache.jackrabbit.oak.spi.security.authentication.external.impl.jmx.Delegatee.syncAllExternalUsers(Delegatee.java:228)
	at org.apache.jackrabbit.oak.spi.security.authentication.external.impl.jmx.SyncMBeanImpl.syncAllExternalUsers(SyncMBeanImpl.java:125)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    *cut*
Caused by: org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityException: Error while connecting to the ldap server.
	at org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapIdentityProvider.connect(LdapIdentityProvider.java:871)
	at org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapIdentityProvider.access$400(LdapIdentityProvider.java:96)
	at org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapIdentityProvider$SearchResultIterator.loadNextPage(LdapIdentityProvider.java:740)
	at org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapIdentityProvider$SearchResultIterator.findNextEntry(LdapIdentityProvider.java:789)
	at org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapIdentityProvider$SearchResultIterator.(LdapIdentityProvider.java:682)
	at org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapIdentityProvider.getEntryIterator(LdapIdentityProvider.java:664)
	at org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapIdentityProvider.listUsers(LdapIdentityProvider.java:305)
	at org.apache.jackrabbit.oak.spi.security.authentication.external.impl.jmx.Delegatee.syncAllExternalUsers(Delegatee.java:220)
	... 82 more
Caused by: org.apache.directory.api.ldap.model.exception.LdapProtocolErrorException: PROTOCOL_ERROR: The server will disconnect!
	at org.apache.directory.api.ldap.model.message.ResultCodeEnum.processResponse(ResultCodeEnum.java:2137)
	at org.apache.directory.ldap.client.api.AbstractLdapConnection.bind(AbstractLdapConnection.java:136)
	at org.apache.directory.ldap.client.api.AbstractLdapConnection.bind(AbstractLdapConnection.java:118)
	at org.apache.directory.ldap.client.api.DefaultLdapConnectionFactory.bindConnection(DefaultLdapConnectionFactory.java:68)
	at org.apache.directory.ldap.client.api.DefaultLdapConnectionFactory.newLdapConnection(DefaultLdapConnectionFactory.java:128)
	at org.apache.directory.ldap.client.api.ValidatingPoolableLdapConnectionFactory.makeObject(ValidatingPoolableLdapConnectionFactory.java:147)
	at org.apache.commons.pool2.impl.GenericObjectPool.create(GenericObjectPool.java:899)
	at org.apache.commons.pool2.impl.GenericObjectPool.borrowObject(GenericObjectPool.java:429)
	at org.apache.commons.pool2.impl.GenericObjectPool.borrowObject(GenericObjectPool.java:354)
	at org.apache.directory.ldap.client.api.LdapConnectionPool.getConnection(LdapConnectionPool.java:125)
	at org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapIdentityProvider.connect(LdapIdentityProvider.java:866)
	... 89 more

 What did I miss or where is my mistake?

 

Thanks in advanced.

 

PS: If you need some more information, let me know

1 Accepted Solution

Avatar

Correct answer by
Level 5

I could solve it. For me what an issue with network infrastructure. Changing ldap server from alias name to ip address was here the key of success.

View solution in original post

1 Reply

Avatar

Correct answer by
Level 5

I could solve it. For me what an issue with network infrastructure. Changing ldap server from alias name to ip address was here the key of success.