You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "Matt Gilman (JIRA)" <ji...@apache.org> on 2019/03/01 20:19:00 UTC

[jira] [Commented] (NIFI-6095) LDAP background sync thread dies

    [ https://issues.apache.org/jira/browse/NIFI-6095?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16782035#comment-16782035 ] 

Matt Gilman commented on NIFI-6095:
-----------------------------------

[~jmkofoed] I believe this issue may have been addressed in NiFi 1.9.0 via https://issues.apache.org/jira/browse/NIFI-5935

> LDAP background sync thread dies
> --------------------------------
>
>                 Key: NIFI-6095
>                 URL: https://issues.apache.org/jira/browse/NIFI-6095
>             Project: Apache NiFi
>          Issue Type: Bug
>    Affects Versions: 1.8.0
>         Environment: 3 nodes in a secure cluster on CentOS 7 connecting to a MS AD via ldap configuration
>            Reporter: Jens M Kofoed
>            Priority: Major
>
> If connection to the ldap is lost the ldap-user-group-provider - background sync thread dies. And NIFI stops syncing and gets update from ldap.
> The nodes are configured for ldap and import all users and groups based on filter and base search. Users and groups are joined according to configuration. If users are added/removed from groups, the sync process updates NIFI until the sync process dies because of network timeout.
> Debugging: adding the "org.apache.nifi.ldap" to the logback.xml does not help much. The only information's is warnings if a group has a member and the users is not imported.
> WARN [ (ldap-user-group-provider) - background sync thread] org.apache.nifi.ldap.tenants.LdapUserGroupProvider cn=superusers,ou=nifi01,ou=NiFiClusters,dc=example,dc=net contains member uid=user01,ou=people,dc=example,dc=net but that user was not found while searching users. Ignoring group membership.
> Adding "org.springframework.ldap" to the logback.xml file gives some information every time there is a background sync.
> In my configuration I set the Sync Interval to 1 mins (authorizers.xml). Verifying the debug logs for background sync and after some times I removed the connection to the ldap. From now on I can't find any debug information about the ldap sync. Even if I reestablish the connection there will be no more debug information and no ldap sync. 



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)