LDAP response read timed out, timeout used:-1ms
search cancel

LDAP response read timed out, timeout used:-1ms

book

Article ID: 247163

calendar_today

Updated On:

Products

CA Identity Manager

Issue/Introduction

Occasionally LDAP queries stop working and the following is found in the IDM server.log:

Error log –

2022-08-01 13:16:41,213 DEBUG [ims.llsdk.directory.jndi] (default task-146) Failed to get managed object with unique name uid=xxxxxxx,ou=xxxx,dc=xxx,dc=com

2022-08-01 13:16:41,214 DEBUG [ims.tews6] (default task-146) Exception getting administrator (uid=xxxxxxx,ou=xxxx,dc=xxx,dc=com)

2022-08-01 13:16:41,214 DEBUG [ims.tews6] (default task-146) com.netegrity.llsdk6.imsapi.exception.SmApiWrappedException javax.naming.NamingException: LDAP response read timed out, timeout used:-1ms; remaining name 'uid=xxxxxx,ou=xxxxx,dc=xxx,dc=com'

                at com.sun.jndi.ldap.Connection.readReply(Connection.java:471)

                at com.sun.jndi.ldap.LdapClient.getSearchReply(LdapClient.java:632)

                at com.sun.jndi.ldap.LdapClient.search(LdapClient.java:555)

                at com.sun.jndi.ldap.LdapCtx.doSearch(LdapCtx.java:1985)

                at com.sun.jndi.ldap.LdapCtx.doSearchOnce(LdapCtx.java:1933)

                at com.sun.jndi.ldap.LdapCtx.c_getAttributes(LdapCtx.java:1325)

                at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_getAttributes(ComponentDirContext.java:235)

 

Environment

Release : 14.3, 14.4

Cause

The error 'LDAP response read timed out, timeout used:-1ms' is usually caused by JDK bug.

It was reported in JDK a number of times, and it still appears from time to time in new versions: https://bugs.openjdk.java.net/browse/JDK-8062947
 

Resolution

Update the JDK to a newer release.  See your application server admin for details on updating the JDK in use.  For example for Jboss / Wildfly the process may be as simple as installing the newer JDK and updating the JAVA_HOME system variable, or the value could be hard coded in the /jboss/bin/standalone.bat file: