ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Many connections to CA Directory Server are in CLOSE_WAIT state.


Article ID: 52434


Updated On:


CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On



We are using CA Directory with Policy Server in high availability architecture and seeing many connections to the directory in CLOSE_WAIT state.

I need to reboot the Policy Server to get those connect away from CLOSE_WAIT state. How could I fix it?


You will need to configure the following parameters for CA DSA according to your architecture and fitting to your needs:

  • Max-users
  • user-idle-time
  • credits
  • mimic-netscape-for-siteminder
  • hold-ldap-connections = true
  • concurrent-bind-user

This last variable concurrent-bind-user should contain the users DN which uses SM to connect to DSA. This option can be found in page 52 of CA Directory r8.1 (Directory_Admin_ENU.pdf), section Process Concurrent Binds from SiteMinder.


Component: SMPLC