DependencyTrack / dependency-track

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
https://dependencytrack.org/
Apache License 2.0

ldap users with dn's longer than 255 characters cannot login #1959

Open luidoc opened 1 year ago

luidoc commented 1 year ago

When trying to add an LDAP (Active Directory) user with a DN of more than 255 characters, the user is added, but in the interface the "Distinguished name" field shows the word "Syncing..." instead of that user's DN. Investigating the cause, it is observed that in the "ldapuser" table the "dn" field is defined as varchar(255), which prevents the insertion of users with longer DNs.

When trying to add a user with a DN of more than 255 characters, this error is observed in the logs:

2022-06-15 10:49:09,770 ERROR [LoggableUncaughtExceptionHandler] An unknown error occurred in an asynchronous event or notification thread
org.datanucleus.exceptions.NucleusUserException: Attempt to store value "CN=xxx,OU=a very large name,DC=myad,DC=local" in column "DN" that has maximum length of 255. Please correct your data!
    at org.datanucleus.store.rdbms.mapping.column.CharColumnMapping.setString(CharColumnMapping.java:253)
    at org.datanucleus.store.rdbms.mapping.java.SingleFieldMapping.setString(SingleFieldMapping.java:183)
    at org.datanucleus.store.rdbms.fieldmanager.ParameterSetter.storeStringField(ParameterSetter.java:158)
    at org.datanucleus.state.StateManagerImpl.providedStringField(StateManagerImpl.java:1853)
    at alpine.model.LdapUser.dnProvideField(LdapUser.java)
    at alpine.model.LdapUser.dnProvideFields(LdapUser.java)
    at org.datanucleus.state.StateManagerImpl.provideFields(StateManagerImpl.java:2528)
    at org.datanucleus.store.rdbms.request.UpdateRequest.execute(UpdateRequest.java:386)
    at org.datanucleus.store.rdbms.RDBMSPersistenceHandler.updateObjectInTable(RDBMSPersistenceHandler.java:406)
    at org.datanucleus.store.rdbms.RDBMSPersistenceHandler.updateObject(RDBMSPersistenceHandler.java:380)
    at org.datanucleus.state.StateManagerImpl.flush(StateManagerImpl.java:5838)
    at org.datanucleus.flush.FlushOrdered.execute(FlushOrdered.java:106)
    at org.datanucleus.ExecutionContextImpl.flushInternal(ExecutionContextImpl.java:4068)
    at org.datanucleus.ExecutionContextThreadedImpl.flushInternal(ExecutionContextThreadedImpl.java:448)
    at org.datanucleus.ExecutionContextImpl.processNontransactionalAtomicChanges(ExecutionContextImpl.java:1409)
    at org.datanucleus.ExecutionContextImpl.processNontransactionalUpdate(ExecutionContextImpl.java:1370)
    at org.datanucleus.ExecutionContextThreadedImpl.processNontransactionalUpdate(ExecutionContextThreadedImpl.java:79)
    at org.datanucleus.state.StateManagerImpl.setStringField(StateManagerImpl.java:2960)
    at alpine.model.LdapUser.dnSetdn(LdapUser.java)
    at alpine.model.LdapUser.setDN(LdapUser.java:102)
    at alpine.server.tasks.LdapSyncTask.sync(LdapSyncTask.java:95)
    at alpine.server.tasks.LdapSyncTask.inform(LdapSyncTask.java:70)
    at alpine.event.framework.BaseEventService.lambda$publish$0(BaseEventService.java:99)
    at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
    at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
    at java.base/java.lang.Thread.run(Unknown Source)

As a workaround I have done the following, which allows users with this problem to work without a problem once applied. I update the ldapuser table, changing the size of the dn field:

    alter table ldapuser alter column dn varchar(1024);

I update the record of the user with problems so that the dn field has the correct value:

    update ldapuser set dn='large dn user' where username='user samaccountname';

I have also noticed that the mappedldapgroup table has a dn field, and in this case the field is already defined as varchar(1024).

I propose to update the maximum size of the dn field for LDAP users to at least 1024 characters.
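The workaround above has two steps that are easy to get wrong when more than one user is affected: finding every DN that will not fit the column, and writing the missing DNs back without hand-building SQL literals from directory data. The following is an added example for this issue, not Dependency-Track or Alpine code. It assumes a minimal ldapuser table with username and dn columns, simulates the sync failure in an in-memory SQLite database (rows created, dn left NULL), and then applies the repair with parameterised statements. The sample DNs are constructed; the 255 and 1024 widths are the ones stated in this issue. It reports both character and UTF-8 byte length because the ORM-side check in the stack trace compares a character count while what varchar(n) enforces in the database depends on the engine and collation.

```python
"""Audit LDAP DNs against the width of ldapuser.dn and repair the rows the
sync could not store. Added example for this issue; not Dependency-Track or
Alpine code. Table layout, constants and sample DNs are assumptions."""
import sqlite3

CURRENT_DN_WIDTH = 255    # width of ldapuser.dn reported in the issue
PROPOSED_DN_WIDTH = 1024  # width proposed in the issue (same as mappedldapgroup.dn)


def dn_lengths(dn: str) -> tuple:
    """(characters, UTF-8 bytes). The NucleusUserException in the issue comes
    from a character-count check; which measure the DBMS applies to varchar(n)
    is engine/collation dependent (assumption here: treat the larger as binding)."""
    return len(dn), len(dn.encode("utf-8"))


def audit_dns(users: dict, width: int = CURRENT_DN_WIDTH) -> dict:
    """Users whose DN would not fit a varchar(width) column, by either measure."""
    over = {}
    for username, dn in users.items():
        chars, nbytes = dn_lengths(dn)
        if max(chars, nbytes) > width:
            over[username] = (chars, nbytes)
    return over


def simulate_sync(conn: sqlite3.Connection, users: dict, width: int = CURRENT_DN_WIDTH) -> None:
    """Mimic the failure mode from the issue: the user row is created, but the
    DN store fails for over-long DNs and dn stays NULL (shown as "Syncing...")."""
    conn.execute(
        "CREATE TABLE ldapuser (id INTEGER PRIMARY KEY, username TEXT UNIQUE NOT NULL, dn TEXT)"
    )
    for username, dn in users.items():
        stored = dn if max(dn_lengths(dn)) <= width else None
        conn.execute("INSERT INTO ldapuser (username, dn) VALUES (?, ?)", (username, stored))


def repair_dns(conn: sqlite3.Connection, users: dict, width: int = PROPOSED_DN_WIDTH) -> list:
    """Write the DNs the sync could not store. Run only after the column has been
    widened with your DBMS's ALTER TABLE. Parameterised on purpose: a DN such as
    CN=O'Brien\\, Pat,... would break (or inject into) a hand-written UPDATE literal."""
    repaired = []
    for username, dn in users.items():
        if max(dn_lengths(dn)) > width:
            raise ValueError(f"{username}: DN {dn_lengths(dn)} still exceeds varchar({width})")
        cur = conn.execute(
            "UPDATE ldapuser SET dn = ? WHERE username = ? AND dn IS NULL", (dn, username)
        )
        if cur.rowcount == 1:
            repaired.append(username)
    return repaired


def stored_dns(conn: sqlite3.Connection) -> dict:
    """username -> dn as currently stored (None where the sync failed)."""
    return dict(conn.execute("SELECT username, dn FROM ldapuser ORDER BY username"))


# Constructed sample sync result (not real directory data).
DEEP_DN = (
    "CN=Long Name User,"
    + ",".join(f"OU=Organisational Unit Level {i:02d}" for i in range(1, 9))
    + ",DC=corp,DC=example,DC=com"
)  # 299 characters: eight nested OUs push it past 255
SAMPLE_USERS = {
    "jdoe": "CN=Jane Doe,OU=Users,DC=corp,DC=example,DC=com",
    "obrien": "CN=O'Brien\\, Pat,OU=Users,DC=corp,DC=example,DC=com",  # quote + escaped comma
    "zmueller": "CN=Zoë Müller,OU=Users,DC=corp,DC=example,DC=com",     # bytes != characters
    "deepnest": DEEP_DN,
}


def run_workaround(users: dict = SAMPLE_USERS) -> tuple:
    """Full flow on an in-memory DB: (state before repair, repaired users, state after)."""
    conn = sqlite3.connect(":memory:")
    simulate_sync(conn, users)
    before = stored_dns(conn)
    repaired = repair_dns(conn, users)
    return before, repaired, stored_dns(conn)


if __name__ == "__main__":
    print("over limit:", audit_dns(SAMPLE_USERS))
    before, repaired, after = run_workaround()
    print("NULL before repair:", [u for u, dn in before.items() if dn is None])
    print("repaired:", repaired)
```

Run audit_dns first against the DNs your sync returns; if anything reports more than 1024 characters or bytes, widening to 1024 is not enough and the ALTER should use a larger width. The repair only touches rows where dn IS NULL, so users whose DN was stored correctly are left alone.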

nluzgin commented 6 months ago

Got the same issue:

2024-03-12 04:36:12,128 ERROR [LoggableUncaughtExceptionHandler] An unknown error occurred in an asynchronous event or notification thread
org.datanucleus.exceptions.NucleusUserException: Attempt to store value "CN=xxx,OU=xxx,OU=xxx,OU=xxx,OU=xxx,OU=xxx,OU=xxx,OU=xxx,DC=xxx,DC=xxx,DC=xxx" in column ""DN"" that has maximum length of 255. Please correct your data!
    at org.datanucleus.store.rdbms.mapping.column.CharColumnMapping.setString(CharColumnMapping.java:253)
    at org.datanucleus.store.rdbms.mapping.java.SingleFieldMapping.setString(SingleFieldMapping.java:202)
    at org.datanucleus.store.rdbms.fieldmanager.ParameterSetter.storeStringField(ParameterSetter.java:158)
    at org.datanucleus.state.StateManagerImpl.providedStringField(StateManagerImpl.java:1903)
    at alpine.model.LdapUser.dnProvideField(LdapUser.java)
    at alpine.model.LdapUser.dnProvideFields(LdapUser.java)
    at org.datanucleus.state.StateManagerImpl.provideFields(StateManagerImpl.java:2559)
    at org.datanucleus.store.rdbms.request.UpdateRequest.execute(UpdateRequest.java:401)
    at org.datanucleus.store.rdbms.RDBMSPersistenceHandler.updateObjectInTable(RDBMSPersistenceHandler.java:447)
    at org.datanucleus.store.rdbms.RDBMSPersistenceHandler.updateObject(RDBMSPersistenceHandler.java:421)
    at org.datanucleus.state.StateManagerImpl.flush(StateManagerImpl.java:5890)
    at org.datanucleus.flush.FlushOrdered.execute(FlushOrdered.java:96)
    at org.datanucleus.ExecutionContextImpl.flushInternal(ExecutionContextImpl.java:3956)
    at org.datanucleus.ExecutionContextImpl.processNontransactionalAtomicChanges(ExecutionContextImpl.java:1411)
    at org.datanucleus.ExecutionContextImpl.processNontransactionalUpdate(ExecutionContextImpl.java:1372)
    at org.datanucleus.state.StateManagerImpl.setStringField(StateManagerImpl.java:2990)
    at alpine.model.LdapUser.dnSetdn(LdapUser.java)
    at alpine.model.LdapUser.setDN(LdapUser.java:104)
    at alpine.server.tasks.LdapSyncTask.sync(LdapSyncTask.java:95)
    at alpine.server.tasks.LdapSyncTask.inform(LdapSyncTask.java:64)
    at alpine.event.framework.BaseEventService.lambda$publish$0(BaseEventService.java:110)
    at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
    at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
    at java.base/java.lang.Thread.run(Unknown Source)

nluzgin commented 6 months ago

This issue looks the same as https://github.com/DependencyTrack/dependency-track/issues/2076. I think the DB hack is the answer.