Hi Tyson Mahendran! Thanks for reaching out at Gluu. You can do the following things: - disable `Cache Refresh` on the Cache Refresh page - remove `cr-snapshots` from inside of gluu server. - then enable 'Cache Refresh' Then check is it working as expected or not. If still, you got unexpected results. Then - set the log level to debug in oxtrust (JSON configuration) - then run `Cache Refresh` - and look at the `oxtrust.log, oxtrust_cache_refresh.log` files to find any error Thanks and Regards ~ Shakil

I deleted everything in the CR-Snapshot dir and re-sync'd the cache refresh still getting the same error for a user that was sync'd before and I deleted via gluu server... getting the following error for deleted users: ERROR [Thread-529] [gluu.oxtrust.ldap.cache.service.CacheRefreshTimer] (CacheRefreshTimer.java:734) - Failed to 'add' person '0000!7858.D75E' java.lang.Exception: Duplicate UID value: how can I clean up this id? looks like the deleted user id and UID association is somewhere in the system... how can I clean up this?

Please look at the backend LDAP/AD server there might be some entries with duplicate UID. You will find a text file in `cr-snapshots` folder named as `problem-inum-list.txt` which is the list of failed entries.

thanks for the update, I saw the entries in problem-inum-list.txt but it's only id ... and I can see more detail from the cache-refresh log file...... I don't have any duplicate user in back end ldap ... and even when I add new user... still not syncing the user with cache-refresh...

Did you enable `cache refresh custom script`? Can you please share `cache refresh.log, oxtrust.log` files.

Yes, the cache refresh custom script is enabled. https://drive.google.com/drive/folders/1jD56T8jPgX5lasz-3moT4ZOyXlxITTYs?usp=sharing I have added the log files in the above location.

Hi Thanks for sharing log files. I have seen that cache refresh is working fine. It also count new entries, updated new entries. Failed on some entries due to duplicate UID. Cache Refresh pull user's information from LDAP/AD backend. You already know that. Your backend LDAP or AD might have duplicate entries because this type of practice wasn't enforced in old time. When you run Cache Refresh, scenario will happen: - If you have two users with same UID ( i.e. "kamlesh" ), Gluu Server will pull one user into Gluu's LDAP ( i.e. Couchbase or Gluu-OpenDJ ). Another user will be eliminiated and you will see the info that... "1 user can't import because duplicate entries". - Duplicate entry does't mean... Gluu's datasource ( i.e. Couchbase or Gluu-OpenDJ ) has two entries BUT your backend tried to push two users with same UID. That's uniqueness. That's the basis of uniqueness. Thanks & Regards ~ Shakil