Product:TIBCO Spotfire Server
Versions:All
Summary:
Error message"[*LdapSynchronizer.RestartRunnable*] server.ldap.LdapSearcher: Ignored inaccessible referral: DomainDnsZones" is seen in the server.log when an operation in Active Directory requires action on objects that might exist in the forest but are not located in the particular domain which is mentioned while configuring LDAP authentication .
Details:
While configuring LDAP, you can get the following error message in server.log
=======================================
Cause:
The Spotfire server contacts the domain controller via LDAP query. Every domain controller has information about the other domains in the forest in its Configuration container. When an operation in Active Directory requires action on objects that might exist in the forest but are not located in the particular domain that is stored on a domain controller, that domain controller must send the client a message that describes where to go to continue this action — that is, the client is "referred" to a domain controller that is presumed to hold the requested object.
Clients do not need to know the name or location of a child domain in order to contact a domain controller in that domain. They can query the root domain and reach the appropriate domain controller by being referred there.
Resolution:
In order to avoid this error from occurring, you will have to point the LDAP URL to the global catalog.
Versions:All
Summary:
Error message"[*LdapSynchronizer.RestartRunnable*] server.ldap.LdapSearcher: Ignored inaccessible referral: DomainDnsZones" is seen in the server.log when an operation in Active Directory requires action on objects that might exist in the forest but are not located in the particular domain which is mentioned while configuring LDAP authentication .
Details:
While configuring LDAP, you can get the following error message in server.log
=======================================
INFO 2021-10-29T19:41:17,364+0100 [*LdapSynchronizer.RestartRunnable*] server.ldap.LdapSearcher: Ignored inaccessible referral: DomainDnsZones.NA.TIB.LOCAL:636
javax.naming.CommunicationException: DomainDnsZones.NA.TIB.LOCAL:636
at com.sun.jndi.ldap.LdapReferralContext.<init>(LdapReferralContext.java:96) ~[?:?]
at com.sun.jndi.ldap.LdapReferralException.getReferralContext(LdapReferralException.java:151) ~[?:?]
at com.sun.jndi.ldap.AbstractLdapNamingEnumeration.hasMoreReferrals(AbstractLdapNamingEnumeration.java:325) ~[?:?]
at com.sun.jndi.ldap.AbstractLdapNamingEnumeration.hasMoreImpl(AbstractLdapNamingEnumeration.java:227) ~[?:?]
at com.sun.jndi.ldap.AbstractLdapNamingEnumeration.hasMore(AbstractLdapNamingEnumeration.java:189) ~[?:?]
at
……
……
……
com.spotfire.server.userdir.ldap.LdapSynchronizer.synchronize(LdapSynchronizer.java:226) ~[spotfire-server.jar:?]
at com.spotfire.server.userdir.ldap.LdapSynchronizer.lambda$new$0(LdapSynchronizer.java:126) ~[spotfire-server.jar:?]
at java.lang.Thread.run(Thread.java:834) [?:?]
Caused by: java.net.ConnectException: Connection timed out (Connection timed out)
at java.net.PlainSocketImpl.socketConnect(Native Method) ~[?:?]
at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:399) ~[?:?]
at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:242) ~[?:?]
at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:224) ~[?:?]
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) ~[?:?]
…….
…….
==================================================javax.naming.CommunicationException: DomainDnsZones.NA.TIB.LOCAL:636
at com.sun.jndi.ldap.LdapReferralContext.<init>(LdapReferralContext.java:96) ~[?:?]
at com.sun.jndi.ldap.LdapReferralException.getReferralContext(LdapReferralException.java:151) ~[?:?]
at com.sun.jndi.ldap.AbstractLdapNamingEnumeration.hasMoreReferrals(AbstractLdapNamingEnumeration.java:325) ~[?:?]
at com.sun.jndi.ldap.AbstractLdapNamingEnumeration.hasMoreImpl(AbstractLdapNamingEnumeration.java:227) ~[?:?]
at com.sun.jndi.ldap.AbstractLdapNamingEnumeration.hasMore(AbstractLdapNamingEnumeration.java:189) ~[?:?]
at
……
……
……
com.spotfire.server.userdir.ldap.LdapSynchronizer.synchronize(LdapSynchronizer.java:226) ~[spotfire-server.jar:?]
at com.spotfire.server.userdir.ldap.LdapSynchronizer.lambda$new$0(LdapSynchronizer.java:126) ~[spotfire-server.jar:?]
at java.lang.Thread.run(Thread.java:834) [?:?]
Caused by: java.net.ConnectException: Connection timed out (Connection timed out)
at java.net.PlainSocketImpl.socketConnect(Native Method) ~[?:?]
at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:399) ~[?:?]
at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:242) ~[?:?]
at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:224) ~[?:?]
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) ~[?:?]
…….
…….
Cause:
The Spotfire server contacts the domain controller via LDAP query. Every domain controller has information about the other domains in the forest in its Configuration container. When an operation in Active Directory requires action on objects that might exist in the forest but are not located in the particular domain that is stored on a domain controller, that domain controller must send the client a message that describes where to go to continue this action — that is, the client is "referred" to a domain controller that is presumed to hold the requested object.
Clients do not need to know the name or location of a child domain in order to contact a domain controller in that domain. They can query the root domain and reach the appropriate domain controller by being referred there.
Resolution:
In order to avoid this error from occurring, you will have to point the LDAP URL to the global catalog.