Error getting connection to user store
Article ID: 272417
Updated On:
Products
Issue/Introduction
Users become to concern about this message on Identity Manager UI: Error getting connection to user store when trying modify endpoint accounts:
Error: findUsersInScope: Exception doing scope search: [faciliy=4 severity=3 reason = 0 status=6 message=Unrecognized command]
_directoryFindMatchingObjects doing serach throws error: [faciliy=4 severity=3 reason=0 status=6 message=Unrecognized command] Error getting connection to user store
Click here to see Task details.
Environment
Release : 14.4
Cause
Check the CA Directory logs and can see that userstore-router-caim-srv-01_stats.log get 255 at multiple times shows Assocs reaching near and 255!
STATS : Assocs 239 NilCredit 0 Queue 0+0 MWQ 0/0 Active 2 Ops 1131 Entries 622 Mem 252/38 CPU Seconds 60/60 CPU kTicks 2
STATS : Assocs 255 NilCredit 0 Queue 0+0 MWQ 0/0 Active 2 Ops 615 Entries 341 Mem 268/38 CPU Seconds 59/60 CPU kTicks 1
STATS : Assocs 255 NilCredit 0 Queue 0+0 MWQ 0/0 Active 0 Ops 65 Entries 1 Mem 268/38 CPU Seconds 60/60 CPU kTicks 1
This indicates that max-users attribute that is default 255 in Vaap can be low and need be increased.
Resolution
1. Max-users in CA Directory in CA Directory were low.
Edited config/limits/default-vapp.dxc and changed the max-users=255 to max-users=1024;
did a dxserver initi all in both nodes too.
2. Also adjusted in DSA2 precedence from
set precedence = UserStore-02, UserStore-01;
set write-precedence = UserStore-02, UserStore-01
To:
set precedence = UserStore-02, UserStore-01;
set write-precedence = UserStore-01, UserStore-02
Feedback
