Hitachi Vantara Pentaho Community Forums
Results 1 to 2 of 2

Thread: LDAP connection timeout setting (pooling)

  1. #1
    Join Date
    Jan 2014
    Posts
    19

    Default LDAP connection timeout setting (pooling)

    I'm having intermittent problems connecting to an LDAP server (an AD server). I have a PDI job scheduled to run via cron that will randomly fail to connect to the repository because of authentication failure. Here's the relevant log output from pentaho.log.

    2018-07-01 00:51:45,173 DEBUG [org.springframework.security.ldap.authentication.BindAuthenticator] (LoggingInterceptor) Exception: org.springframework.ldap.ServiceUnavailableException: 10.40.4.5:389; socket closed; nested exception is javax.naming.ServiceUnavailableException: 10.40.4.5:389; socket closed; remaining name 'ou=Users,ou=PBZINC,dc=pbzinc,dc=loc'
    I did some TCP packet inspection using Wireshark. It appears that [sometimes] BI Server is leaving the LDAP connection open (no unbindRequest) for reuse, but Active Directory kills inactive LDAP sessions after 15min. (the MaxConnIdleTime setting) . When BI Server sends an LDAP searchRequest command without first issuing a bindRequest command there is no response from the AD server if it's a timed out connection on AD.

    Is there a timeout configuration setting that can close these "pooled" LDAP connections on BI Server? Or can LDAP pooling be turned off?

    I'm on version 8.0 BI Server. Just to clarify, LDAP authentication is working otherwise.

  2. #2
    Join Date
    Jan 2014
    Posts
    19

    Default

    Solved!

    Found information for a solution here https://docs.spring.io/spring-ldap/d...iguration.html. Excerpt below...
    8.1.4. Native Java LDAP Pooling
    The internal Java LDAP provider provides some very basic pooling capabilities. This LDAP connection pooling can be turned on/off using the pooled flag on AbstractContextSource. The default value is false (since release 1.3), i.e. the native Java LDAP pooling will be turned on.

    In the applicationContext-spring-security-ldap.xml I looked for the bean named contextSource and added the following property line.
    Code:
    <property name="pooled" value="false"/>

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Privacy Policy | Legal Notices | Safe Harbor Privacy Policy

Copyright © 2005 - 2019 Hitachi Vantara Corporation. All Rights Reserved.