Knowledge Base

User synchronization failed on HA with External Load Balancer


Badge +3

Topic

A problem has been noticed on 21.10 and 22.9 with HA and external load balancer used. User synchronization in admin fails:

Troubleshooting:
Users are synchronized correctly to the aerobase from AD, in SEQ one can see the following errors:
FetchUsersFromIdp: Request to fetch users request failed, statusCode:NotFound

The problem is that UserSync service is trying to access keycloak on the local server directly instead of routing requests through the load balancer and keycloak is accepting requests coming to LB URL only.

 

Instructions 

IMPORTANT NOTE: Please back up configuration files before making changes

On 21.10:
Open \Kryon\Services\Kryon Server - Users Synchronization Server 64bit\UsersSyncService\Kryon.Console.Services.UsersSyncWindowsService.exe.config
On 22.9:
Open \Nintex\Services\Nintex Server - Users Synchronization Server 64bit\UsersSyncService\Kryon.Console.Services.UsersSyncWindowsService.exe.config
Change URL in IdpMiddlewareApi so it will point to external URL (via load balancer)
<add key="IdpMiddlewareApi" value="http://EXTERNAL_URL/kryonidpapi" />

Restart Nintex Server - Users Synchronization (or Kryon Server - Users Synchronization)
 

 

 


0 replies

Be the first to reply!

Reply