IDM Loses Connection To the User Store



Article ID: 108093


Updated On:


CA Identity Manager CA Identity Governance CA Identity Portal


We are seeing IDM fail tasks and lose connection to the user store.
The server log captures the following message:

ERROR [] (http- Failed to connect to LDAP directory ldap://XXXXXXXX:8094 ldap://
Reason: Address already in use: connect 

We can connect to the user store using an LDAP browser and get to records, so there does not appear to be an issue with the CA Directory service.


CA Identity Manager 14.x



Windows has 2 types of ports: static (locked, so no other software can use them) and ephemeral (a pool of ports that all software can use, first come, first served).
IM talks to Directory over an ephemeral port, gives it back when it is done, and gets another one when it next needs to communicate.
The problem is that if too many programs are using these ports, the whole pool can be used up.

There are 2 primary solutions:
1. Create a bigger pool of ports
2. Decrease the length of time Windows waits to give back the port
TcpTimedWaitDelay - 

There are a few other secondary options: 
  • MaxUserPort -                      
  • TCPWindowSize -                
  • MaxFreeTcbs -                     
  • MaxHashTableSize -            

You also need to make sure that no port your software needs as a specific (static) port falls inside the ephemeral port range.
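To see how close a server is to running out, and whether a listener sits inside the pool, the following added example (not part of the original article or of any CA tool) parses `netstat -ano -p tcp` output against the dynamic port range. The sample output, addresses, PIDs and function names are constructed for illustration; the range is assumed to come from `netsh int ipv4 show dynamicport tcp`.

```python
import re
from collections import Counter

# Constructed sample of `netstat -ano -p tcp` output; addresses and PIDs are made up.
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:8080           0.0.0.0:0              LISTENING       4120
  TCP    0.0.0.0:49670          0.0.0.0:0              LISTENING       2288
  TCP    10.0.0.5:49701         10.0.0.9:8094          ESTABLISHED     4120
  TCP    10.0.0.5:49702         10.0.0.9:8094          TIME_WAIT       0
  TCP    10.0.0.5:49703         10.0.0.9:8094          TIME_WAIT       0
  TCP    10.0.0.5:49704         10.0.0.9:8094          TIME_WAIT       0
  TCP    [::]:8080              [::]:0                 LISTENING       4120
"""

# One TCP row: local addr:port, foreign addr:port, state, owning PID.
ROW = re.compile(r"^\s*TCP\s+\S+:(\d+)\s+\S+:(\d+)\s+(\S+)\s+(\d+)\s*$")

def parse_netstat(text):
    """Yield (local_port, remote_port, state, pid) for every TCP row."""
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            yield int(m.group(1)), int(m.group(2)), m.group(3), int(m.group(4))

def ephemeral_report(text, start, count):
    """Summarise use of the dynamic port range [start, start + count)."""
    states, used, listeners = Counter(), set(), []
    for lport, _rport, state, pid in parse_netstat(text):
        if not start <= lport < start + count:
            continue  # local port is outside the ephemeral pool
        used.add(lport)
        if state == "LISTENING":
            listeners.append((lport, pid))  # a listener sitting inside the pool
        else:
            states[state] += 1
    return {
        "used": len(used),
        "free": count - len(used),
        "time_wait": states["TIME_WAIT"],  # ports still held after close
        "listeners_in_range": listeners,
    }

if __name__ == "__main__":
    # 49152 / 16384 is the default dynamic range on current Windows versions;
    # read the real values with `netsh int ipv4 show dynamicport tcp`.
    print(ephemeral_report(SAMPLE_NETSTAT, 49152, 16384))
```

A high `time_wait` count with few free ports points at the TcpTimedWaitDelay and pool-size settings above; any entry in `listeners_in_range` is a port to compare against the static ports your software requires.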

Here are a few links on ephemeral ports for different Windows OS versions: