Symantec Access Management

 View Only
Expand all | Collapse all

Policy server Failing back LDAP store type to #0 (Policy store) in every 5 minutes

  • 1.  Policy server Failing back LDAP store type to #0 (Policy store) in every 5 minutes

    Posted Jun 12, 2020 03:31 PM
    Hi Team,

    We have installed/configured 12.8 SP03 policy server in new OEL OS and using CA Directory as p.store/k.store. The policy server start-up is successful. However, we are observing below messages/errors in every 5 minutes.

    [smldaputils.cpp:689][SmBindLDAP][][][][][][][][][][][Closed policy store connection 'policy store ip']

    [smldaputils.cpp:720][SmBindLDAP][][][][][][][][][][][Marked policy store connection "policy store ip" as
      Close Pending][][][][][][][]

    [SmLdapPs::set_prldap_opt_io_max_timeout][][][][][][][][][][][PRLDAP_OPT_IO_MAX_TIMEOUT se
      t to 10000 milliseconds]

    SmLdapPs.cpp:152][SmLdapPs::set_prldap_opt_io_max_timeout][][][][][][][][][][][PRLDAP_OPT_IO_MAX_TIMEOUT se
      t to 22000 milliseconds][][][][][][][]

    [smldaputils.cpp:1010][][][][][][][][][][][][LogMessage:INFO:[sm-Server-04410] Failing back LDAP store type
      #0 to server 'policy store ip'

    Followed by time out errors:

    [smldaputils.cpp:1010][INFO][sm-Server-04410] Failing back LDAP store type #0 to server 'IP'.

    [SmObjProvider.cpp:181][ERROR][sm-Server-03090] Policy store failed operation 'CleanServerCmds'  for object type 'Policystore provider' . LDAP Error Doing ServerCommand_Search: 85: Timed out

    [SmPolicyServer.cpp:1899][ERROR][sm-Server-00620] Exception in JournalThread. Text: Policy store failed operation 'CleanServerCmds' for object type 'Policy store provider'. LDAP Error Doing ServerCommand_Search: 85: Timed out

    These set of policy stores also make connections with 15-18 existing policy servers and we are connecting 25-30 new servers to the same set of policy stores.

    Did anyone observe the same issue?


    ------------------------------
    Thanks,
    Ravi
    ------------------------------


  • 2.  RE: Policy server Failing back LDAP store type to #0 (Policy store) in every 5 minutes

    Posted Jun 23, 2020 05:38 AM
    Hello Ravi

    We have exactly the same issue in our policy server. It creates for a while connection problem and it will then spontaneously self-correct.

    Did you find something to resolve the problem? 

    I just want to let you know that we don't have the same policy server's version. Our version is older.

    ------------------------------
    Best regards,
    Alexis
    ------------------------------