Policy Server reports error : Error# '81' during search: 'error: Can't contact LDAP server'

Article Id: 8010

Status: Published

Updated On: 14-02-2018 08:18

Legacy Id: TEC1267707

Products:

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On CA Single Sign-On

Issue/Introduction:

We run Policy Server which connects to backend LDAP User Stores, and from time to time, we notice some ldap error 81 in the smps.log.

[14784/64][Wed Aug 09 2017 22:51:27][SmDsLdapConnMgr.cpp:1190]

[ERROR][sm-Ldap-02230] Error# '81' during search: 'error:

Can't contact LDAP server' Search Query = 'objectclass=*'

Why do we have these errors and how can we solve them ?

Cause:

This message might appear if the LDAP Store closes its connection on its side. As per

design, Policy Server needs the LDAP Store's connections to be readily

available. Policy Server won't end any connection that the backend

LDAP Store closes. When the Policy Server then tries to use such a

closed connection, the Policy Server will report LDAP error 81. Straight

after, Policy Server will also close this connection and establish a

new one with the same backend LDAP Store. As such, the LDAP Store shouldn't

close any connection for timeout or other reason.

Environment:

Policy Server 12.52SP1CR02 on RedHat 6;

Resolution:

To avoid this message, configure the LDAP Backend Store to never close

its connection with the Policy Server.