LDAP Stores :: Ping Search
search cancel

LDAP Stores :: Ping Search


Article ID: 50115


Updated On:


CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On



LDAP Ping Server thread.


The Ping Search thread periodically pings each LDAP directory server instance with which it is associated. The ping actually validates the connection by doing the following LDAP search:

Search is performed with a scope of 0 (base) and specify a single attribute to be returned (objectclass) for e.g :

SRCH base="" scope=0 filter="(objectClass=*)" attrs="objectClass" and the result will be:

RESULT err=0 tag=101 nentries=1 etime=0

The LDAP Ping Timeout search (objectClass=*) for both the Policy and User Store directory use the same default value of 10 seconds.

This is also controlled by the registry setting "LDAPPingTimeout" at location :


However the LDAP APIs for Ping Search are different for Policy and User Store.

Policy Store Ping Search uses ldap_search (when LDAPPingTimeout=0) and ldap_search_st (when LDAPPingTimeout > 0)

User Store Ping Search uses ldap_search_ext_s. The Search Timeout values for Policy and User Stores are different.

For Policy and Key Stores, it is default 20 seconds and can be configured through the registry setting "SearchTimeout" at following location :

For Policy Store :


For Key Store :


For User Store, it is default 30 seconds and is configurable in the Admin UI.


Component: SMPLC