Error when Syncing secrets from CyberArk Vault to DAP

We are getting the below error in Vault Synchronizer logs and it’s not synchronizing any of the secrets from CyberArk Vault to DAP Vault.

ERROR VaultConjurSynchronizer.Flows.FirstLoadSyncFlow - VCSS017E Failed to fetch synched accounts metadata from Conjur with exception of type System.IndexOutOfRangeException and message Index was outside the bounds of the array.

Detailed Error:
2020-12-21 23:09:34,600 [4] [main] INFO VaultConjurSynchronizer.Conjur.ConjurHandlerFactory - VCSS021I Synchronizer is running with Conjur version: [5.11.0]
2020-12-21 23:09:34,602 [4] [main] INFO VaultConjurSynchronizer.Conjur.ConjurHandler - VCSS011I Init Conjur REST client and authenticate. ApplianceUrl: [https://stg-dapcentral.company.local/api], Conjur host name: [host/Sync_USAEA1DAPWESC01], Conjur account: [Experian] - start
2020-12-21 23:09:34,629 [4] [main] INFO VaultConjurSynchronizer.Conjur.ConjurHandler - VCSS011I Init Conjur REST client and authenticate. ApplianceUrl: [https://stg-dapcentral.company.local/api], Conjur host name: [host/Sync_USAEA1DAPWESC01], Conjur account: [Experian] - end
2020-12-21 23:09:34,631 [4] [main] INFO VaultConjurSynchronizer.Synchronizer - VCSS001I Vault-Conjur Synchronizer initialization - start
2020-12-21 23:09:34,631 [4] [main] INFO VaultConjurSynchronizer.Synchronizer - VCSS025I The Vault protocol version is 10.10
2020-12-21 23:09:34,691 [4] [main] INFO VaultConjurSynchronizer.Synchronizer - VCSS015I Found [1] LOBs from Vault named: [LOB_AWS]
2020-12-21 23:09:34,691 [4] [main] INFO VaultConjurSynchronizer.Synchronizer - VCSS018I Will start synchronizing [1] LOBs named: [LOB_AWS]
2020-12-21 23:09:34,692 [4] [main] INFO VaultConjurSynchronizer.Synchronizer - VCSS001I Vault-Conjur Synchronizer initialization - end
2020-12-21 23:09:34,696 [4] [main] INFO VaultConjurSynchronizer.Service.SynchronizerService - VCSS012I Starting CyberArk Vault-Conjur Synchronizer Service - end
2020-12-21 23:09:35,699 [9] [main] INFO VaultConjurSynchronizer.Synchronizer - VCSS003I Refreshing accounts from the vault - start
2020-12-21 23:09:36,250 [10] [LOB_AWS] INFO VaultConjurSynchronizer.Flows.FirstLoadSyncFlow - VCSS020I Fetching synced accounts metadata from Conjur - start
2020-12-21 23:09:36,328 [10] [LOB_AWS] ERROR VaultConjurSynchronizer.Flows.FirstLoadSyncFlow - VCSS017E Failed to fetch synched accounts metadata from Conjur with exception of type System.IndexOutOfRangeException and message Index was outside the bounds of the array.

Hi,
Can you please turn on the debug log level? Follow these instructions:
See log4net > root > level and change it to DEBUG.

Then reply with the log output as you did now :)

Is it your first time running Synchronizer on this deployment of Conjur? It looks like an issue while fetching data from Conjur that will only be present if a synchronization already happened once.

Thanks,
Dvir

Hi.
I have the same problem. I have Conjur Enterprise, it has been working in production for over a year. The problem (with only one LOB, the other three synchronize without any problems) appeared after restarting the server with Vault Synchronizer (after installing updates).

Below is the synchronizer log with the debug flag enabled:

2021-11-28 00:54:03,015 [9] [LOBUser_PROD1] DEBUG VaultConjurSynchronizer.Lob - VCSS019D Lob LOBUser_PROD1 state changes from DuringSynchronization to CouldExistInConjur
2021-11-28 00:54:03,015 [9] [LOBUser_PROD1] ERROR VaultConjurSynchronizer.Flows.FirstLoadSyncFlow - VCSS017E Failed to fetch synched accounts metadata from Conjur with exception of type System.IndexOutOfRangeException and message Index was outside the bounds of the array.
2021-11-28 00:54:03,015 [9] [LOBUser_PROD1] DEBUG VaultConjurSynchronizer.Flows.FirstLoadSyncFlow - VCSS017E Failed to fetch synched accounts metadata from Conjur
System.IndexOutOfRangeException: Index was outside the bounds of the array.
at VaultConjurSynchronizer.Entities.ConjurVariable..ctor(Variable variable)
at VaultConjurSynchronizer.Conjur.ConjurHandler.<>c.<ListVariablesAsRole>b__13_0(Variable v)
at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
at System.Collections.Generic.List`1..ctor(IEnumerable`1 collection)
at System.Linq.Enumerable.ToList[TSource](IEnumerable`1 source)
at VaultConjurSynchronizer.Conjur.ConjurHandler.ListVariablesAsRole(String role, String name)
at VaultConjurSynchronizer.Flows.FirstLoadSyncFlow.BuildAccountsDictionaryFromConjur(Lob lob)
at VaultConjurSynchronizer.Flows.FirstLoadSyncFlow.RunInternal(Lob lob, MICASession masterSession)

Everything was working fine before restarting the vault synchronizer server.

Thanks,
Łukasz

Hi Lukasz,
@DvirL mentioned that it looks like this issue has been fixed in the latest images. What version are you using?

Thanks - Rob

Thanks for the reply, 11.7.
I even have an open case on this issue.
I will let you know what the answer will be.

Lukasz

The credentials synced from Vault are as follows:
/VAULT/LOB/SAFE/ACCOUNT_NAME/username
/VAULT/LOB/SAFE/ACCOUNT_NAME/password

I set up a variable directly in Conjur:
/VAULT/LOB/SAFE/var

For this reason, synchronization for the entire LOB was not successful. Deleting the above variable restored synchronization.

This happens in version 11.7.
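
A check for the condition described in the post above, as an added example (not CyberArk's code and not written by anyone in the thread): it scans a list of Conjur resource IDs for variables under one Vault/LOB branch whose path has fewer parts than the VAULT/LOB/SAFE/ACCOUNT_NAME/property layout. The function names, the `myorg` account and the sample IDs are constructed, and the `account:kind:path` ID form and the idea that a short path is what breaks the LOB are assumptions; how the IDs are exported from Conjur is left to the operator.

```python
# Added example: flag Conjur variables that do not fit the synced path layout.
# Layout taken from the post: VAULT / LOB / SAFE / ACCOUNT_NAME / property
EXPECTED_PARTS = 5


def variable_path(resource_id):
    """Return the variable path from 'account:variable:path' or from a bare
    path such as '/VAULT/LOB/SAFE/var'; return None for non-variable kinds."""
    parts = resource_id.split(":", 2)
    if len(parts) == 3:
        if parts[1] != "variable":
            return None  # groups, hosts, policies are not synced secrets
        path = parts[2]
    else:
        path = resource_id
    return path.strip("/")


def find_nonconforming(resource_ids, vault, lob):
    """List variable paths under vault/lob that are shorter than the synced
    layout (assumption: these are the ones the Synchronizer cannot parse)."""
    bad = []
    for rid in resource_ids:
        path = variable_path(rid)
        if path is None:
            continue
        segs = path.split("/")
        if segs[:2] != [vault, lob]:
            continue  # belongs to another LOB or lives outside the Vault branch
        if len(segs) < EXPECTED_PARTS or "" in segs:
            bad.append(path)
    return bad


# Constructed sample data mirroring the paths quoted in the post.
SAMPLE_IDS = [
    "myorg:variable:VAULT/LOB/SAFE/ACCOUNT_NAME/username",
    "myorg:variable:VAULT/LOB/SAFE/ACCOUNT_NAME/password",
    "myorg:variable:VAULT/LOB/SAFE/var",            # created by hand in Conjur
    "myorg:group:VAULT/LOB/SAFE/some-group",        # not a variable, ignored
    "myorg:variable:VAULT/OTHER_LOB/SAFE/var",      # different LOB, ignored
]

if __name__ == "__main__":
    for p in find_nonconforming(SAMPLE_IDS, "VAULT", "LOB"):
        print("does not match synced layout:", p)
```

Variables that need to be created by hand are safer kept in a policy branch outside the one the Synchronizer manages for the LOB.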

Hi Lukasz, Have you tried version 12? It should only be a warning message.

Rob