Position & department not synchronized anymore

[jprusch]

Not sure if this is an addon issue. We're using Confluence 5.9.11 with latest 5.9 compatible Adam release (0.1.10). I just found out that the position & department attributes are not synchronized from AD anymore.

When using the simplest configuration:

<group id="business">
            <element id="position" defaultForReports="true" />
            <element id="department" defaultForReports="true"/>
</group>

the position & department elements are shown when editing the user profile, but the element content is not pulled from AD. I can enter my own values & they're displayed in reports & pages.

How can I check which elements/attributes are synchronizes from AD?

Best regards,

Jan

[feisley]

Jan,

So by default it will try an use "position" and "department" as the attribute lookups from AD/LDAP. You will need to specify the "contextAttribute" to tell Adam which AD/LDAP attribute should be pulled for the particular element.

For example, this is our configuration for our LDAP server:

            <element id="position" defaultForReports="true">
                <contextAttribute id="title" />
                <template>$!{title}</template>
            </element>

The LDAP attribute that holds the users "position" is "title" so Adam will query the title and then fill it in to the "position" field during sync.

Cheers, Jacob

[jprusch]

Jacob, it was working before. Title (Position) and Department were shown in every report. After upgrading to the latest version the columns are still displayed but empty. I tried your suggestions -> No help. Therefore I still like to know, if I can log the sync data of Adam to a log file to check, what is synchronized. Some example config:

`

        </element>
        <element id="department" defaultForReports="true">
            <contextAttribute id="department" />
            <template>$!{department}</template>
            <access>
                <anonymous view="masked" />
                <default view="allowed" edit="forbidden" />
            </access>
        </element>

...

... ... ` The columns "position" and "department" are shown in the report table, but do not display any content. AD contains a title & department attribute for each entry. Regards, Jan

[blaubaer]

@jprusch this could be caused by a switch to Microsoft ActiveDirectory LDAPS port 389/636 to 3268/3269. If you use 3268/3269 you use the global catalog and not all information could be queried. Adam and/or Confluence have to way to gather the information in this way anymore.

[jprusch]

@blaubaer we are using 3268 as port for AD. We had all positions & departments shown in Confluence, but after some time (I don't know the date or change we made), this information wasn't displayed anymore. Is it possible to get any debug logging apart from using wireshark to see if this data is transmitted from AD to narrow the problem to Confluence or our AD.

[blaubaer]

@jprusch I already have the same problem some weeks before. I also wondering that this does not work anymore (after an update of the server). I write an example code in Java that connects in the same way that Confluence did. I got the same problem. Then I strip everything down to the simplest way and run in the same problems. Only from the moment on I change to port from 3269 to 636 this problem was gone. (... in Confluence and my test application)

[jprusch]

@blaubaer OK, I'll try to change the port to 636 to check, if it works & let you know.

[jprusch]

@blaubaer Changing the port to 389 solved the issue. Still intersting to find out why 3268/3269 are not working for these attributes anymore.

[blaubaer]

@jprusch Please have a look at https://technet.microsoft.com/en-us/library/how-global-catalog-servers-work(v=ws.10).aspx it explains something about the Global Catalog (3268/3269) behavior.