how long will policy server keep an active LDAP connection open
search cancel

how long will policy server keep an active LDAP connection open

book

Article ID: 233496

calendar_today

Updated On:

Products

SITEMINDER

Issue/Introduction

Please confirm how long will policy server keep an active LDAP connection open.

Below two lines from LDAP log where connection 13261332 has been open from 12/18/2021-12-21-2021 and all LDAP operations are going on using this connection for more than 3 days.

2021-12-18 00:36:47,272 |myserver.corp.example.com~211124132727|--> conn[SSL/TLS]=13261332 op=1 MsgID=1 BindRequest {version=3, name=uid=SVCS-SMadmin-write,ou=service-accounts,dc=example,dc=com, authentication=**********}

 

This is latest request

2021-12-21 10:53:04,994 |myserver.corp.example.com~211124132727|--> conn[SSL/TLS]=13261332 op=421251 MsgID=421251 SearchRequest {dn="uid=1110741,ou=employees,ou=people,dc=example,dc=com",scope=0,derefAliases=0,sizeLimit=0,timeLimit=10,attrsOnly=false,filter="(employeeid=*)",attributes="employeeID"}

 

question: At what point will policy server close the connection/put the connection back to the connection pool. 

Environment

siteminder release: 12.8.x 
OS: Linux 

Cause

Policy Sever keeps the connection open to maintain good performance  to the backend rather requesting a new connection all the time.

Resolution

policy server will not close a open connection to the back-end user-store it will maintain the connection persistent and keep using it unless the directory or any firewall close the connection due max idle time. Policy Sever keeps the connection open to maintain good performance  to the backend rather requesting a new connection all the time.