Not able to setup the cluster and replication with Gluu 3.1.1

By: Gurpreet Singh user 25 Oct 2017 at 7:50 a.m. CDT

7 Responses
Gurpreet Singh gravatar
Hi We followed the steps as listed in link https://gluu.org/docs/ce/3.1.1/installation-guide/cluster/ to setup the cluster 3.1.1 and after the last step we are getting **LDAPSearchException (resultcode=32) **error in our logs .Also if we are trying to access gluu nodes from NGINX it is giving **400 BAD ERROR.** Would you be able to throw some light as in why we would be getting this error with LDAP? Caused by: LDAPSearchException(resultCode=32 (no such object), numEntries=0, numReferences=0, errorMessage='no such object') at com.unboundid.ldap.sdk.LDAPConnection.search(LDAPConnection.java:3650) at com.unboundid.ldap.sdk.AbstractConnectionPool.search(AbstractConnectionPool.java:2022) at org.gluu.site.ldap.OperationsFacade.search(OperationsFacade.java:293) at org.gluu.site.ldap.persistence.LdapEntryManager.findEntries(LdapEntryManager.java:357) at org.gluu.site.ldap.persistence.LdapEntryManager.findEntries(LdapEntryManager.java:331) at org.gluu.site.ldap.persistence.LdapEntryManager.findEntries(LdapEntryManager.java:323) at org.gluu.site.ldap.persistence.LdapEntryManager.findEntries(LdapEntryManager.java:299) at org.gluu.site.ldap.persistence.LdapEntryManager.findEntries(LdapEntryManager.java:295) at org.gluu.site.ldap.persistence.LdapEntryManager$Proxy$_$$_WeldClientProxy.findEntries(Unknown Source) at org.gluu.oxtrust.ldap.service.AttributeService.getAllAtributesImpl(AttributeService.java:534) at org.xdi.service.AttributeService.getAllAttributes(AttributeService.java:98) at org.xdi.service.AttributeService.getAllAttributes(AttributeService.java:90) at org.gluu.oxtrust.ldap.service.AttributeService.getAllPersonAttributes(AttributeService.java:80) at org.gluu.oxtrust.ldap.service.Shibboleth3ConfService.addGluuSP(Shibboleth3ConfService.java:1464) at org.gluu.oxtrust.ldap.service.ShibbolethInitializer.createShibbolethConfiguration(ShibbolethInitializer.java:70) at org.gluu.oxtrust.ldap.service.ShibbolethInitializer$Proxy$_$$_WeldClientProxy.createShibbolethConfiguration(Unknown Source) at org.gluu.oxtrust.ldap.service.AppInitializer.applicationInitialized(AppInitializer.java:221) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) : Thanks Gurpreet
CentOS 7.2
closed

Answers

By Yuriy Movchan staff 27 Oct 2017 at 1:20 a.m. CDT

Copy
Yuriy Movchan gravatar
Hi, I think you show stack trace from oxtrust.log. And according to it application can't find ou=attributes in LDAP on this server node. Can you check if replication works well? In document there is command to check it: ``` tail -f /var/log/openldap/ldap.log | grep sync or cat /var/log/openldap/ldap.log | grep sync ``` Also can use JXPlorer or ldapsearch to check if the data exists in LDAP?

By Gurpreet Singh user 27 Oct 2017 at 5:47 a.m. CDT

Copy
Gurpreet Singh gravatar
I checked the logs and replication seems to be fine: slapd[213]: syncprov_sendresp: to=002, cookie=rid=001,sid=001,csn=20171027090511.593773Z#000000#001#000000 But I am still not able to access my gluu nodes and they are throwing 503 Service Unavailable and logs have the same error as before: Caused by: LDAPSearchException(resultCode=32 (no such object), numEntries=0, numReferences=0, errorMessage='Failed to scroll to specified startIndex') at org.gluu.site.ldap.OperationsFacade.search(OperationsFacade.java:277) at org.gluu.site.ldap.persistence.LdapEntryManager.findEntries(LdapEntryManager.java:357) ... 20 more Caused by: LDAPSearchException(resultCode=32 (no such object), numEntries=0, numReferences=0, errorMessage='no such object') at com.unboundid.ldap.sdk.LDAPConnection.search(LDAPConnection.java:3650) at org.gluu.site.ldap.OperationsFacade.search(OperationsFacade.java:251) ... 21 more 2017-10-27 09:16:37,605 ERROR [qtp2008017533-11] [org.xdi.oxauth.servlet.OpenIdConfiguration] (OpenIdConfiguration.java:312) - Failed to find entries with baseDN: ou=scopes,o=@!6B7A.E3B6.1C47.B04B!0001!8290.B2FB,o=gluu, filter: (&(&(objectClass=top)(objectClass=oxAuthCustomScope))(inum=*)) org.gluu.site.ldap.persistence.exception.EntryPersistenceException: Failed to find entries with baseDN: ou=scopes,o=@!6B7A.E3B6.1C47.B04B!0001!8290.B2FB,o=gluu, filter: (&(&(objectClass=top)(objectClass=oxAuthCustomScope))(inum=*)) at org.gluu.site.ldap.persistence.LdapEntryManager.findEntries(LdapEntryManager.java:363) ~[oxcore-ldap-3.1.1.Final.jar:?] at org.gluu.site.ldap.persistence.LdapEntryManager.findEntries(LdapEntryManager.java:331) ~[oxcore-ldap-3.1.1.Final.jar:?] at org.gluu.site.ldap.persistence.LdapEntryManager.findEntries(LdapEntryManager.java:323) ~[oxcore-ldap-3.1.1.Final.jar:?] at org.gluu.site.ldap.persistence.LdapEntryManager.findEntries(LdapEntryManager.java:299) ~[oxcore-ldap-3.1.1.Final.jar:?] at org.gluu.site.ldap.persistence.LdapEntryManager.findEntries(LdapEntryManager.java:295) ~[oxcore-ldap-3.1.1.Final.jar:?] at org.gluu.site.ldap.persistence.LdapEntryManager

By Chris Blanton user 27 Oct 2017 at 11:06 a.m. CDT

Copy
Chris Blanton gravatar
Are your /etc/gluu/conf/ox-ldap.properties file the same on all of your servers? Can you check that your LDAP on all your servers actually has the same inums as your ox-ldap.properties file and the correct number of entries? The default looks something like ![this](https://imgur.com/a/TnUqT "basic LDAP"). Note that my ox-ldap.properties configuration inums match my LDAP db: ``` oxauth_ConfigurationEntryDN=ou=oxauth,ou=configuration,inum=@!A394.7CE9.D6E1.A557!0002!67A8.509E,ou=appliances,o=gluu oxtrust_ConfigurationEntryDN=ou=oxtrust,ou=configuration,inum=@!A394.7CE9.D6E1.A557!0002!67A8.509E,ou=appliances,o=gluu oxidp_ConfigurationEntryDN=ou=oxidp,ou=configuration,inum=@!A394.7CE9.D6E1.A557!0002!67A8.509E,ou=appliances,o=gluu oxcas_ConfigurationEntryDN=ou=oxcas,ou=configuration,inum=@!A394.7CE9.D6E1.A557!0002!67A8.509E,ou=appliances,o=gluu oxasimba_ConfigurationEntryDN=ou=oxasimba,ou=configuration,inum=@!A394.7CE9.D6E1.A557!0002!67A8.509E,ou=appliances,o=gluu oxpassport_ConfigurationEntryDN=ou=oxpassport,ou=configuration,inum=@!A394.7CE9.D6E1.A557!0002!67A8.509E,ou=appliances,o=gluu ``` This error `Caused by: LDAPSearchException(resultCode=32 (no such object)` makes me think you might have removed the databases on all of your servers, instead of leaving one to replicate from, per the instructions.

By Chris Blanton user 27 Oct 2017 at 11:08 a.m. CDT

Copy
Chris Blanton gravatar
We've just released an alpha program that can automate the process of configuring a cluster for you. All you need is an Ubuntu 14/16 machine and for that machine to have it's `id_rsa.pub` key in the `authorized_keys` of all the servers you want to configure for clustering. I believe this will save you the headache of trying to manually configure everything. Basic install instructions are here: [https://github.com/GluuFederation/cluster-mgr](https://github.com/GluuFederation/cluster-mgr) I'm working on documentation of how to complete a configuration, but it's somewhat self explanatory.

By ved singh user 27 Oct 2017 at 11:39 p.m. CDT

Copy
ved singh gravatar
Hi Chris, Is it production ready or still in alpha/beta stage ? Thanks

By ved singh user 27 Oct 2017 at 11:40 p.m. CDT

Copy
ved singh gravatar
Hi Chris, I'm facing a similar exception with the same result code and exception trace. I've validated all the steps that is been mentioned here but no dice. Any other possibilities that you can point to which will help resolve it. Thanks.

By Mohib Zico staff 15 Nov 2017 at 2:25 a.m. CST

Copy
Mohib Zico gravatar
I tried couple of times, couldn't reproduce this specific issue. You might wanna take a look at this [screencast tutorial](https://www.youtube.com/watch?v=GUk1D9vd0HQ)

Post an answer