Confluence incremental synchronisation failed and falls back to a full sync when connecting to LDAP

Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.

Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Summary

Problem

Incremental synchronisation with LDAP directory fails while full synchronisation works.

The following ERROR appears in atlassian-confluence.log during an incremental sync.

1
2

ERROR [scheduler_Worker-8] [atlassian.crowd.directory.DbCachingRemoteDirectory] synchroniseCache Incremental synchronisation for directory [ 129400833 ] was unexpectedly interrupted, falling back to a full synchronisation
com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresherIncSyncException: Cache returned different number of guids and users (possible reason is overlapping guids in cache, most likely null/empty values).

Diagnosis

Environment

A non-cluster AD with more than one domain controller
If the Confluence is connected to Oracle 12c Database, it might be affected by CONFSERVER-55585 - Incremental synchronization is failing when the Confluence is Connected to the Oracle 12c.

Diagnostic Steps

No result returned from the following database query:
1 2 3SELECT id, user_name, directory_id, external_id FROM cwd_user WHERE (external_id IN (SELECT external_id FROM cwd_user GROUP BY external_id HAVING count(external_id) > 1) OR external_id IS NULL) AND directory_id = '<user_directory_id>';

The number of users in the cwd_user table is equal to the number of users returned by the user filter in the LDAP connector, however, Confluence is calling for less numbers of users in a full synchronization:
12015-12-17 06:55:10,058 INFO [scheduler_Worker-5] [atlassian.crowd.directory.DbCachingRemoteChangeOperations] getUsersToAddAndUpdate scanning [ xxxx ] users to add or update

Cause

Confluence is comparing the number of GUID which results in either a mismatch or un-readable GUID which causes the incremental sync to fail.

Solution

Workaround

Stop Confluence
Add the following system property into Confluence:
1-Dcrowd.use.legacy.ad.incremental.sync=true
Please refer to the documentation on Configuring System Properties for details on adding a system property.
Always perform the necessary backup to your Confluence instance before performing any modification. If possible, try your modifications on a test server.
Start Confluence

Updated on April 2, 2025

Was this helpful?

It wasn't accurateIt wasn't clearIt wasn't relevant

Atlassian Support