User directory synchronization in Bamboo Data Center is failing with error LDAP: error code 32

Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.

Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Summary

User synchronization in Bamboo is failing with the error "LDAP: error code 32".

Environment

The issue was observed on Bamboo 9.2.7 connected to an LDAP server, but other versions could be affected.

Diagnosis

The following error appears in atlassian-bamboo.log:

2024-09-17 15:31:04,659 ERROR [http-nio-8085-exec-9] [BambooAuthenticator] Authentication failed due to embedded crowd error: com.atlassian.crowd.exception.runtime.OperationFailedException: null
... Output Omitted ...
Caused by: org.springframework.ldap.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-03100245, problem 2001 (NO_OBJECT), data 0, best match of: 'DC=EXAMPLE,DC=COM' ]; nested exception is javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-03100245, problem 2001 (NO_OBJECT), data 0, best match of: 'DC=EXAMPLE,DC=COM' ]; remaining name 'CN=bamboo_service,OU=Service Account,DC=EXAMPLE,DC=COM'

Using an LDAP browser, verify that the object exists on the LDAP server.
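To narrow down which part of the DN is missing, the log entry above can be summarised with a small script. This is an added example, not Atlassian code: the function names are hypothetical and the sample log is constructed. It relies on the LDAP rule that a "no such object" result reports the deepest entry the server could resolve, which this log shows as "best match of".

```shell
#!/bin/sh
# Added example (not Atlassian code): summarise "LDAP: error code 32" entries
# from atlassian-bamboo.log. Function names are hypothetical.

# Constructed sample shaped like the log entry quoted in this article.
sample_log() {
cat <<'EOF'
2024-09-17 15:31:04,659 ERROR [http-nio-8085-exec-9] [BambooAuthenticator] Authentication failed due to embedded crowd error
Caused by: org.springframework.ldap.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-03100245, problem 2001 (NO_OBJECT), data 0, best match of:
    'DC=EXAMPLE,DC=COM'
]; remaining name 'CN=bamboo_service,OU=Service Account,DC=EXAMPLE,DC=COM'
EOF
}

# Reads log files given as arguments, or stdin when none are given.
ldap32_summary() {
  awk '
    # Text between the first pair of single quotes in s (\047 is the quote).
    function quoted(s,   a, b) {
      a = index(s, "\047"); if (!a) return ""
      s = substr(s, a + 1); b = index(s, "\047")
      return b ? substr(s, 1, b - 1) : ""
    }
    {
      # The matched DN may sit on the same line as the marker or on the next.
      if (pending && index($0, "\047")) { best = quoted($0); pending = 0 }
      p = index($0, "best match of:")
      if (p) { best = quoted(substr($0, p)); pending = (best == "") }
      p = index($0, "remaining name \047")
      if (!p || best == "") next
      name = quoted(substr($0, p))
      keep = length(name) - length(best) - 1
      # Only report when the matched DN really is a suffix of the name.
      if (keep < 1 || tolower(substr(name, keep + 1)) != ("," tolower(best))) next
      todo = substr(name, 1, keep)
      # Last RDN of the unresolved part; "\," is an escaped comma inside a value.
      for (i = length(todo); i > 1; i--)
        if (substr(todo, i, 1) == "," && substr(todo, i - 1, 1) != "\\") break
      rdn = (i > 1) ? substr(todo, i + 1) : todo
      if (seen[name]++) next   # report each missing DN once
      printf "not found: %s\ndeepest existing entry: %s\nfirst absent entry: %s,%s\n", name, best, rdn, best
    }
  ' "$@"
}

sample_log | ldap32_summary
```

For the entry in this article the first absent entry is OU=Service Account,DC=EXAMPLE,DC=COM, so check that OU before looking for the bamboo_service account itself. Against a real log, run `ldap32_summary atlassian-bamboo.log`.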

Cause

The object CN=bamboo_service,OU=Service Account,DC=EXAMPLE,DC=COM does not exist in your LDAP directory or has been deleted/renamed. Bamboo is trying to synchronize using a user or service account that no longer exists or was misconfigured.

Solution

Make sure that the object exists in the LDAP directory and that Bamboo is configured to use the right object to connect to it.

You can use the ldapsearch command below to verify that the object exists in the LDAP directory:

ldapsearch -x -H ldap://<ldap-server> -D "CN=admin,DC=EXAMPLE,DC=COM" -w <password> -b "DC=EXAMPLE,DC=COM" "(CN=bamboo_service)"

Note the following:

  • Replace <ldap-server> with the address of your LDAP server.

  • -D "CN=admin,DC=EXAMPLE,DC=COM": The bind DN (administrator's distinguished name used for authentication). Replace this with your actual bind DN.

  • -w <password>: The password for the bind DN (admin account). A password given with -w is visible in shell history and the process list; ldapsearch also accepts -W, which prompts for it instead.

  • -b "DC=EXAMPLE,DC=COM": The base DN from which to start the search (your LDAP domain).

  • "(CN=bamboo_service)": The search filter to look for the object by its CN (common name).

Updated on February 25, 2025
