Policy Server reports error : Error# '81' during search: 'error: Can't contact LDAP server'

book

Article ID: 8010

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

We run Policy Server which connects to backend LDAP User Stores, and from time to time, we notice some ldap error 81 in the smps.log.

 

[14784/64][Wed Aug 09 2017 22:51:27][SmDsLdapConnMgr.cpp:1190]

 [ERROR][sm-Ldap-02230] Error# '81' during search: 'error: 

 Can't contact LDAP server' Search Query = 'objectclass=*'

 

Why do we have these errors and how can we solve them ?

 

Cause

This message might appear if the LDAP Store closes its connection on its side. As per

design, Policy Server needs the LDAP Store's connections to be readily

available. Policy Server won't end any connection that the backend 

LDAP Store closes. When the Policy Server then tries to use such a 

closed connection, the Policy Server will report LDAP error 81. Straight 

after, Policy Server will also close this connection and establish a 

new one with the same backend LDAP Store. As such, the LDAP Store shouldn't 

close any connection for timeout or other reason. 

 

Environment

Policy Server 12.52SP1CR02 on RedHat 6;

Resolution

To avoid this message, configure the LDAP Backend Store to never close

its connection with the Policy Server.