Synchronization crowd data error

[h6happy]

hi,I run a container according to the following instructions

docker run \ --detach \ --net=host \ --name crowd-ldap-server \ --env "CROWD_APP_NAME=crowd-openid-server" \ --env "CROWD_APP_PASSWORD=my_password" \ --env "CROWD_SERVER_URL=http://my_crowd_ip:port/crowd/services/" \ --env "SERVER_BIND_ADDRESS=localhost:10389" \ aservo/crowd-ldap-server:latest

The crowd parameter has been modified to the correct value，And it can be connected to crowd correctly. But it seems that the following happens when synchronizing crowd data：

1、The container reported the following error： ldap-crowd-adapter | [error] [2022-05-20T03:16:44,905] [pool-3-thread-1] [de.aservo.ldap.adapter.backend.MirroredCrowdDirectoryBackend] An error occurred during synchronization.

2、The crowd reported the following error： INFO [crowd.manager.application.ApplicationServiceGeneric] Invalid credentials for user admin in directory MyCrowd (163841), aborting

How to solve this problem? Thank you very much

[brettaufheber]

Hello @h6happy, the problem is that two ways of authentication are needed because this tool uses the application and the admin API of the Crowd server.

For authentication (login) and authorization (user, group queries) an application entry in Crowd is needed.

• CROWD_APP_NAME
• CROWD_APP_PASSWORD
• CROWD_SERVER_URL

For synchronization with Crowd a user with admin privileges is needed.

• BACKEND_REST_USERNAME
• BACKEND_REST_USER_PASSWORD
• BACKEND_REST_BASE_URL

Check the file etc/backend.properties for example values.

Also, we highly recommend to use this tool with a PostgreSQL database in production. This allows materialized views for high throughput and stability. PostgreSQL is, as far as I know, the only database that prevents phantom reads for isolation level "Repeatable read" which is important for very frequent synchronizations with the Crowd server.

Example config for PostgreSQL database:

• BACKEND_JDBC_DRIVER=org.postgresql.Driver
• BACKEND_JDBC_URL=jdbc:postgresql://localhost:5432/mydb
• BACKEND_JDBC_USER=myuser
• BACKEND_JDBC_PASSWORD=password
• BACKEND_APPLY_NATIVE_SQL=true
• BACKEND_USE_MATERIALIZED_VIEWS=true

Unfortunately, a useful documentation is currently missing. But the documentation will be made in the near future.

The file init.sh shows the full range of environment variables.

Let me know if you have any further problems with the deployment.

Best regards

[h6happy]

Your reply is very timely and useful. The problem has been solved. Thank you very much. Best regards