LDAP login fail if the IP address of LDAP server changes
book
Article ID: 87173
calendar_today
Updated On:
Products
CA Automic Dollar Universe
Issue/Introduction
Error Message : On the uvserver.log of the UVMS:
|ERROR| request-worker-9 | com.orsyp.central.ldap.LDAPManagerImpl | Authenticate: Cannot authenticate login:username because the LDAP server cannot be reached. Unreachable server: company.com:636. javax.naming.CommunicationException: company.com:636 [Root exception is java.net.ConnectException: Connection timed out: connect]
If the IP address of the LDAP server is changed, UVMS does not renew the connection. This causes the LDAP login to fail.
Investigation
UVMS should reconnect to the new IP since the previous connection is no longer valid, instead it receives an LDAP exception.
Environment
OS: All
Cause
Cause type: Other Root Cause: The UVMS uses by default a Connection with the IP address of the LDAP server which is resolved at startup. As a consequence, if this LDAP server is shutdown, the LDAP authentication will no longer work.
Resolution
Update to a fix version listed below or a newer version if available. Then add the new variable connectionPool with the value NO on each LDAP instance of the ldap.xml file as follows: