LDAP login fail if the IP address of LDAP server changes
Article ID: 87173
CA Automic Dollar Universe
Error Message : On the uvserver.log of the UVMS:
|ERROR| request-worker-9 | com.orsyp.central.ldap.LDAPManagerImpl | Authenticate: Cannot authenticate login:username because the LDAP server cannot be reached. Unreachable server: company.com:636. javax.naming.CommunicationException: company.com:636 [Root exception is java.net.ConnectException: Connection timed out: connect]
If the IP address of the LDAP server is changed, UVMS does not renew the connection. This causes the LDAP login to fail.
UVMS should reconnect to the new IP since the previous connection is no longer valid, instead it receives an LDAP exception.
Cause type: Other Root Cause: The UVMS uses by default a Connection with the IP address of the LDAP server which is resolved at startup. As a consequence, if this LDAP server is shutdown, the LDAP authentication will no longer work.
Update to a fix version listed below or a newer version if available. Then add the new variable connectionPool with the value NO on each LDAP instance of the ldap.xml file as follows: