SOLVED

AEM6.5 ldap integration


Hello,

I want to use the AEM 6.5 internal component to synchronise groups and users from Active Directory. I followed the steps from

https://experienceleague.adobe.com/docs/experience-manager-64/administering/security/ldap-config.htm... and

https://aem4beginner.blogspot.com/aem-with-ldap-integration .

After this I set up a local instance for a dry test. When I called syncAllExternalUsers(), the following error was shown:

org.apache.jackrabbit.oak.spi.security.authentication.external.impl.jmx.SyncRuntimeException: Unable to retrieve external users
	at org.apache.jackrabbit.oak.spi.security.authentication.external.impl.jmx.Delegatee.syncAllExternalUsers(Delegatee.java:228)
	at org.apache.jackrabbit.oak.spi.security.authentication.external.impl.jmx.SyncMBeanImpl.syncAllExternalUsers(SyncMBeanImpl.java:125)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    *cut*
Caused by: org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityException: Error while connecting to the ldap server.
	at org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapIdentityProvider.connect(LdapIdentityProvider.java:871)
	at org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapIdentityProvider.access$400(LdapIdentityProvider.java:96)
	at org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapIdentityProvider$SearchResultIterator.loadNextPage(LdapIdentityProvider.java:740)
	at org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapIdentityProvider$SearchResultIterator.findNextEntry(LdapIdentityProvider.java:789)
	at org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapIdentityProvider$SearchResultIterator.<init>(LdapIdentityProvider.java:682)
	at org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapIdentityProvider.getEntryIterator(LdapIdentityProvider.java:664)
	at org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapIdentityProvider.listUsers(LdapIdentityProvider.java:305)
	at org.apache.jackrabbit.oak.spi.security.authentication.external.impl.jmx.Delegatee.syncAllExternalUsers(Delegatee.java:220)
	... 82 more
Caused by: org.apache.directory.api.ldap.model.exception.LdapProtocolErrorException: PROTOCOL_ERROR: The server will disconnect!
	at org.apache.directory.api.ldap.model.message.ResultCodeEnum.processResponse(ResultCodeEnum.java:2137)
	at org.apache.directory.ldap.client.api.AbstractLdapConnection.bind(AbstractLdapConnection.java:136)
	at org.apache.directory.ldap.client.api.AbstractLdapConnection.bind(AbstractLdapConnection.java:118)
	at org.apache.directory.ldap.client.api.DefaultLdapConnectionFactory.bindConnection(DefaultLdapConnectionFactory.java:68)
	at org.apache.directory.ldap.client.api.DefaultLdapConnectionFactory.newLdapConnection(DefaultLdapConnectionFactory.java:128)
	at org.apache.directory.ldap.client.api.ValidatingPoolableLdapConnectionFactory.makeObject(ValidatingPoolableLdapConnectionFactory.java:147)
	at org.apache.commons.pool2.impl.GenericObjectPool.create(GenericObjectPool.java:899)
	at org.apache.commons.pool2.impl.GenericObjectPool.borrowObject(GenericObjectPool.java:429)
	at org.apache.commons.pool2.impl.GenericObjectPool.borrowObject(GenericObjectPool.java:354)
	at org.apache.directory.ldap.client.api.LdapConnectionPool.getConnection(LdapConnectionPool.java:125)
	at org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapIdentityProvider.connect(LdapIdentityProvider.java:866)
	... 89 more

What did I miss or where is my mistake?

Thanks in advance.

PS: If you need some more information, let me know.

1 Accepted Solution


I could solve it. For me it was an issue with the network infrastructure. Changing the LDAP server from alias name to IP address was the key to success here.
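An added diagnostic example, not part of the original thread and not Adobe or Oak code: because the trace fails at bind with PROTOCOL_ERROR and the fix was replacing the alias with the IP, this sends one anonymous LDAPv3 bind to every address the alias resolves to and to the known-good IP, then reports the LDAP resultCode each endpoint returns. It assumes plain LDAP on port 389 without TLS; the function names are hypothetical.

```python
import socket

# Anonymous simple bind, LDAPv3, messageID 1 (BER-encoded LDAPMessage).
ANON_BIND = bytes.fromhex("300c020101600702010304008000")
RESULT_NAMES = {0: "success", 1: "operationsError", 2: "protocolError",
                8: "strongerAuthRequired", 49: "invalidCredentials"}

def parse_result_code(data):
    """Return the resultCode of a BindResponse or ExtendedResponse
    (e.g. Notice of Disconnection), or None if the bytes are not LDAP."""
    if len(data) < 2 or data[0] != 0x30:            # LDAPMessage is a SEQUENCE
        return None
    i = 2 + (data[1] & 0x7F if data[1] & 0x80 else 0)   # skip outer length
    if i + 2 > len(data) or data[i] != 0x02:        # messageID INTEGER
        return None
    i += 2 + data[i + 1]
    if i + 2 > len(data) or data[i] not in (0x61, 0x78):  # Bind/ExtendedResponse
        return None
    i += 2 + (data[i + 1] & 0x7F if data[i + 1] & 0x80 else 0)
    if i + 3 > len(data) or data[i] != 0x0A or data[i + 1] != 1:  # ENUMERATED
        return None
    return data[i + 2]

def probe_bind(addr, port=389, timeout=3.0):
    """Send one anonymous bind to addr and describe how the endpoint answers."""
    try:
        with socket.create_connection((addr, port), timeout=timeout) as s:
            s.sendall(ANON_BIND)
            data = s.recv(4096)
    except OSError as exc:
        return f"no TCP/LDAP answer ({exc.__class__.__name__})"
    code = parse_result_code(data)
    if code is None:
        return "answered, but not with an LDAP response"
    return RESULT_NAMES.get(code, f"resultCode {code}")

def compare(alias, ip, port=389):
    """Probe every address the alias resolves to, plus the IP that works."""
    try:
        infos = socket.getaddrinfo(alias, port, type=socket.SOCK_STREAM)
        addrs = sorted({ai[4][0] for ai in infos})
    except socket.gaierror:
        addrs = []                                  # alias does not resolve
    answers = {a: probe_bind(a, port) for a in addrs}
    if ip not in answers:
        answers[ip] = probe_bind(ip, port)
    return {"alias_resolves_to": addrs, "ip_in_alias": ip in addrs,
            "answers": answers}
```

Call `compare("<ldap alias>", "<ldap server ip>")` from the AEM host: an alias address that answers `protocolError`, or with something that is not LDAP, while the IP answers `success` points at whatever sits behind the alias rather than at the AEM configuration.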
