Excessive error 81 in smps logs - EKSP code timeouts as result

book

Article ID: 7550

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

When the policy server initializes a new connection to the LDAP server it receives error 18 on it’s first attempt this results in excessive LDAP error 81’s

Cause

Directory ordering change R12.52 SP1 Cr5 when determining the directory type MS ADAM search was moved up the case statement if CA directory is the backend LDAP policy server sends a search based on ADAM (not handled by CA directory properly)

When PS first initializes user store it performs a BIND

Then goes through a case statement that detects the directory type

Engineering debugged, reported that when it got to ADAM a bad search was returned to client resulting in Error 81

 

PS then unbind reconnect

Environment

Solaris policy server (issue occurs on all platforms)CA Directory as backend LDAP (R12 SP17)

Resolution

 

Defect: DE267950 dev fix to be installed on top pf R12.52 Sp1 Cr5

 

Defect DE280381 dev fix to be installed on top pf R12.52 Sp1 Cr6