I have used excacly the same OpenLDAP configuration with JIRA like with Stash. Stash works perfectly however JIRA has some issues with "awardaritzen" user that prevents to synchronize user group membership. I've checked database and users are synced properly, groups also. The missing element is binding one and another.
2014-04-01 10:54:59,268 QuartzScheduler_Worker-1 INFO ServiceRunner     [atlassian.crowd.directory.DbCachingRemoteDirectory] synchronisation for directory [ 10000 ] starting
2014-04-01 10:54:59,458 QuartzScheduler_Worker-1 INFO ServiceRunner     [directory.ldap.cache.RemoteDirectoryCacheRefresher] found [ 170 ] remote users in [ 190ms ]
2014-04-01 10:54:59,472 QuartzScheduler_Worker-1 INFO ServiceRunner     [atlassian.crowd.directory.DbCachingRemoteChangeOperations] scanned and compared [ 170 ] users for delete in DB cache in [ 13ms ]
2014-04-01 10:54:59,472 QuartzScheduler_Worker-1 INFO ServiceRunner     [atlassian.crowd.directory.DbCachingRemoteChangeOperations] scanned for deleted users in [ 13ms ]
2014-04-01 10:54:59,473 QuartzScheduler_Worker-1 INFO ServiceRunner     [atlassian.crowd.directory.DbCachingRemoteChangeOperations] scanning [ 170 ] users to add or update
2014-04-01 10:54:59,476 QuartzScheduler_Worker-1 INFO ServiceRunner     [atlassian.crowd.directory.DirectoryCacheImplUsingChangeOperations] scanned and compared [ 170 ] users for update in DB cache in [ 4ms ]
2014-04-01 10:54:59,476 QuartzScheduler_Worker-1 INFO ServiceRunner     [atlassian.crowd.directory.DirectoryCacheImplUsingChangeOperations] synchronised [ 170 ] users in [ 4ms ]
2014-04-01 10:54:59,504 QuartzScheduler_Worker-1 INFO ServiceRunner     [directory.ldap.cache.RemoteDirectoryCacheRefresher] found [ 41 ] remote groups in [ 28ms ]
2014-04-01 10:54:59,504 QuartzScheduler_Worker-1 INFO ServiceRunner     [atlassian.crowd.directory.DirectoryCacheImplUsingChangeOperations] scanning [ 41 ] groups to add or update
2014-04-01 10:54:59,512 QuartzScheduler_Worker-1 INFO ServiceRunner     [atlassian.crowd.directory.DbCachingRemoteChangeOperations] scanned and compared [ 41 ] groups for update in DB cache in [ 7ms ]
2014-04-01 10:54:59,512 QuartzScheduler_Worker-1 INFO ServiceRunner     [atlassian.crowd.directory.DirectoryCacheImplUsingChangeOperations] synchronized [ 41 ] groups in [ 7ms ]
2014-04-01 10:54:59,519 QuartzScheduler_Worker-1 INFO ServiceRunner     [atlassian.crowd.directory.DbCachingRemoteChangeOperations] scanned and compared [ 41 ] groups for delete in DB cache in [ 7ms ]
2014-04-01 10:54:59,648 QuartzScheduler_Worker-1 INFO ServiceRunner     [atlassian.crowd.directory.DbCachingRemoteDirectory] failed synchronisation complete for directory [ 10000 ] in [ 380ms ]
2014-04-01 10:55:00,043 QuartzScheduler_Worker-1 ERROR ServiceRunner     [atlassian.crowd.directory.DbCachingDirectoryPoller] Error occurred while refreshing the cache for directory [ 10000 ].
java.lang.RuntimeException: javax.naming.InvalidNameException: Invalid name: awardaritzen
	at com.atlassian.crowd.directory.RFC4519Directory$3.apply(RFC4519Directory.java:1005)
	at com.atlassian.crowd.directory.RFC4519Directory$3.apply(RFC4519Directory.java:995)
	at com.google.common.collect.Iterators$8.next(Iterators.java:782)
	at com.google.common.collect.Iterators$5.next(Iterators.java:550)
	at com.atlassian.crowd.directory.RFC4519DirectoryMembershipsIterable$2.apply(RFC4519DirectoryMembershipsIterable.java:88)
	at com.atlassian.crowd.directory.RFC4519DirectoryMembershipsIterable$2.apply(RFC4519DirectoryMembershipsIterable.java:69)
	at com.google.common.collect.Iterators$8.next(Iterators.java:782)
	at com.atlassian.crowd.directory.ldap.cache.AbstractCacheRefresher.synchroniseMemberships(AbstractCacheRefresher.java:126)
	at com.atlassian.crowd.directory.ldap.cache.AbstractCacheRefresher.synchroniseAll(AbstractCacheRefresher.java:82)
	at com.atlassian.crowd.directory.DbCachingRemoteDirectory.synchroniseCache(DbCachingRemoteDirectory.java:1004)
	at com.atlassian.crowd.manager.directory.DirectorySynchroniserImpl.synchronise(DirectorySynchroniserImpl.java:75)
	at com.atlassian.crowd.directory.DbCachingDirectoryPoller.pollChanges(DbCachingDirectoryPoller.java:50)
	at com.atlassian.crowd.manager.directory.monitor.poller.DirectoryPollerJob.execute(DirectoryPollerJob.java:34)
	at org.quartz.core.JobRunShell.run(JobRunShell.java:195)
	at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:520)
Caused by: javax.naming.InvalidNameException: Invalid name: awardaritzen
	at javax.naming.ldap.Rfc2253Parser.doParse(Unknown Source)
	at javax.naming.ldap.Rfc2253Parser.parseDn(Unknown Source)
	at javax.naming.ldap.LdapName.parse(Unknown Source)
	at javax.naming.ldap.LdapName.<init>(Unknown Source)
	at com.atlassian.crowd.directory.RFC4519Directory$3.apply(RFC4519Directory.java:1001)
Do you have any idea how to handle this one.
PS. I have double checked: Stash (works) has excacly the same LDAP configuration like JIRA.
I have migrated users to Active Directory and problem disappeared.
This probably might be a bug in Jira.
I have same problem, do you solve it?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Try to exclude "awardaritzen" user with "User Object Filter" when defining directory. It may have incorrect name or something.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
 
 
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.