This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
LDAP Connection Maintenance
LDAP Connection Maintenance

Version management

Difference between version and

At line 1 added 26 lines
!!! Overview
There are typically a few common issues where connection could be lost from a [LDAP] connection.
!! Loss of [LDAP] [Directory System Agent]
Loss of [LDAP] Server either to failure or routine maintenance can typically be overcome by utilizing a connection pool.
Normally, the connection pool will maintain several LDAP connections and ensure they are valid.
!! TCP Disconnects
Often in LOAD Balanced [LDAP] environments we have seen incidents where the Load Balancer will sever TCP Sessions upon which there is no traffic within a defined period. As the Load balancer is a "[Man-In-The-Middle]" [TCP] entities, they may simply close the [TCP] Sessions without an proper disconnect.
The [LDAP] server will eventually time-out the [TCP] sessions. However, there maybe 1,000s of these session in an active [LDAP] environment.
The Application needs to manage these [TCP] sessions and ensure that they are "alive" because, they may not have been "properly" informed that the [TCP] connection has been severed by the load balancer.
! Mitigating Severed [TCP] Sessions
Often using a [LDAP] pool will minimize the severed [TCP] sessions as the pool will monitor and send a type of "keep-alive" packet to the LDAP servers.
Often setting the [Load Balancer|Load Balancing] [timeout] values to a higher value than the [LDAP] Pool will cause the [LDAP] Pool to re-establish the LDAP connection before the load-balancer times the connection out.
If the application can be programmed to verify the TCP session before sending a new LDAP request is always best. Some LDAP APIs will provide a [isConnected()|https://www.unboundid.com/products/ldap-sdk/docs/javadoc/com/unboundid/ldap/sdk/LDAPConnection.html#isConnected()|target='_blank'] method to verify if the LDAP session is still alive.
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop