Anonymous_User Absent Member.
Absent Member.
463 views

LDAPError : 91 ( on eDirectory 8.8.7 ) infrastructure


Hello,

I have 5 edirectory (8.8.7) replica ring on win 2k8 r2 sp1, the
infrastructure is healthy

4 of the servers are behind a load balancer, one of them is free ( the
master wich not included in the load balancer )

the clients (home made web applications), are getting randomly and not
every time (rarely)

[LDAPError : 91 - null - cause : java.net.SocketException: Connection
reset] - Connect Error [com.novell.ldap.InterThreadException]

Could any one help ?

Thanks


--
iammi
------------------------------------------------------------------------
iammi's Profile: https://forums.netiq.com/member.php?userid=382
View this thread: https://forums.netiq.com/showthread.php?t=42709

Labels (1)
0 Likes
5 Replies
Anonymous_User Absent Member.
Absent Member.

Re: LDAPError : 91 ( on eDirectory 8.8.7 ) infrastructure

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

If you have not configured your LDAP service within eDirectory to break
the connections after a certain amount of time or a certain number of
returned entries then your load balancer is breaking the connections.
Fix that so that it does no do that. If you have configured the LDAP
service to disconnect after a certain time or number of entries, change
that (the default for eDirectory is to leave connections open as long as
the client is doing things, so you'd need to have manually changed it).

Use ndstrace/dstrace on the eDirectory side enabling TIME, TAGS, and
LDAP to see what happens on the eDirectory side when clients get this
error. It'll take some time, and if it's rare it'll be hard to pin
down, but there you go. Post the output of the dstrace when the problem
happens and we can help confirm one way or another.

It could also be a networking issue.... bad switch/router/firewall.

Good luck.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/

iQIcBAEBAgAGBQJQdDsHAAoJEF+XTK08PnB5x1gP/2Pt/sjgHMsSzrDkVODwZddB
cLfFAW0p6sXWLIXoYWFICUFZaEXXBEcBmzMsoBt3bsO71hxrP9VkPgwdJkBSX1lc
RYo9Q/3cY0lePxoKG9STnYsFjykkDBRcOT8wQWy578qaDmpkjcuEfWl5IVwkssTb
Hk5al0lKjfp0rvl7gB6ESMofhaOHwZOkkg4C/RLrAdoXEPRZTlNyE0qMQ2+v1D+G
dbtL/tM5asjbf9fCe54TJvk/9DiHSj8LmjltwitUVU99zmvv+JVv799Gh3UJBr+w
AvAxpjCHRjVyfqngsc5LDuqJhhBNZ01tXwONt5Cd+hvQnRJOQIk95Yik3lwJk7hF
QbmQnwJt+wkv3tqjgfaV6b2e4KwyRztj2vWWjr5+3pLOaMcIdTUyAFAqQm6qUIR2
T4bo/ppx9GIzwQXao457pIiDTHVaSNXxElW4qffiUcp8Co6vowYRFHr0tvLUBJYQ
Fnq7x01R8tSg3Ofd0BKSloXsZdYM4QZiwBI+gvw5xevMYSH7bV3eJZFMcB5F2dzk
4TgX1ECBXfm1TtDKl/bi2lB1Nkbh1QIH44jKbniFAyvRTzQ4dc5YfW4KX8kwT3wR
KBtMjoyQD61JGHfhGHXwtVMKVv1vNJ0ehj1FGACunzvmlezPKjE4U3fJ1qYcd0q/
srA/iykT9qnpRlV2Qnqm
=FbWe
-----END PGP SIGNATURE-----
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: LDAPError : 91 ( on eDirectory 8.8.7 ) infrastructure

On Tue, 09 Oct 2012 13:24:02 +0000, iammi wrote:

> the clients (home made web applications), are getting randomly and not
> every time (rarely)
>
> [LDAPError : 91 - null - cause : java.net.SocketException: Connection
> reset] - Connect Error [com.novell.ldap.InterThreadException]


You might be able to capture more information with an LDAP trace. That
may or may not tell you why the connection is being reset, and by which
side of the communication. It's also possible that the load balancer is
getting in your way, so you could try running without it to see if that
helps. But, if this is sporadic and random it may be hard to catch.


--
--------------------------------------------------------------------------
David Gersic dgersic_@_niu.edu
Knowledge Partner http://forums.netiq.com

Please post questions in the forums. No support provided via email.

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: LDAPError : 91 ( on eDirectory 8.8.7 ) infrastructure


Thank you !

you told me "... If you have configured the LDAP
service to disconnect after a certain time or number of entries,
change
that (the default for eDirectory is to leave connections open as long
as
the client is doing things, so you'd need to have manually changed
it)...."

Where to configure such a paremeter ?

Regards


--
iammi
------------------------------------------------------------------------
iammi's Profile: https://forums.netiq.com/member.php?userid=382
View this thread: https://forums.netiq.com/showthread.php?t=42709

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: LDAPError : 91 ( on eDirectory 8.8.7 ) infrastructure

On Tue, 09 Oct 2012 16:54:01 +0000, iammi wrote:

> Where to configure such a paremeter ?


It's in the LDAP Server object. There's a connection timeout, that
defaults to 0 (never).


--
--------------------------------------------------------------------------
David Gersic dgersic_@_niu.edu
Knowledge Partner http://forums.netiq.com

Please post questions in the forums. No support provided via email.

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: LDAPError : 91 ( on eDirectory 8.8.7 ) infrastructure


There is a remote possibility this is due to a bad SSL cert. Any chance
you can get that client app to not use SSL and see if the error
continues?


--
peterkuo
------------------------------------------------------------------------
peterkuo's Profile: https://forums.netiq.com/member.php?userid=170
View this thread: https://forums.netiq.com/showthread.php?t=42709

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.