Getting "Error 91 - Can't connect to the LDAP server" in smps.log for LDAP binds with failover servers in place.
For example, in Data Center A we get the error below while trying to fail over to Data Center B, and vice versa.
[01/28/2015][11:30:09][LogMessage:ERROR:[sm-Ldap-00350] SmObjLdapConnMgr Bind. Server Data_Center_B:20492. Error 91 - Can't connect to the LDAP server]
Policy Server: R12.52 SP1
CA Directory: R12 SP12
The default connection setup timeout to the session/policy store (CA Directory) should be 10 seconds; however, analysis shows it is using 10 ms. This results in failures connecting to the session/policy/key store across the data center.
There is a known issue for policy/key/session store LDAP binds with failover servers in place on 12.52 SP1, and it is fixed in 12.52 SP1 CR1.
As a workaround, try connecting to only one LDAP store if it is a non-production environment; if it is production, use LDAPPingTimeout in sm.registry.
For production, the temporary workaround is to add the following to sm.registry (LDAPPingTimeout):
Console= 0; REG_DWORD
LDAPPingTimeout= 0x64; REG_DWORD
For a permanent fix, upgrade your Policy Server to R12.52 SP1 CR01.
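To confirm which failover servers are affected, and that the errors stop after the workaround or upgrade, the sm-Ldap-00350 lines in smps.log can be tallied per server. The script below is an added example, not CA code; the sample input is constructed from the log line quoted above, and the Data_Center_A entry and the INFO line are made up in the same format.

```python
import re
from datetime import datetime

# Matches the smps.log bind-failure line format quoted in this article:
# [MM/DD/YYYY][HH:MM:SS][LogMessage:ERROR:[sm-Ldap-00350] SmObjLdapConnMgr Bind. Server HOST:PORT. Error N - text]
BIND_ERR = re.compile(
    r"^\[(?P<date>\d{2}/\d{2}/\d{4})\]\[(?P<time>\d{2}:\d{2}:\d{2})\]"
    r"\[LogMessage:ERROR:\[sm-Ldap-00350\] SmObjLdapConnMgr Bind\. "
    r"Server (?P<host>[^\s:]+):(?P<port>\d+)\. "
    r"Error (?P<code>\d+) - (?P<text>.*?)\]\s*$"
)

# Constructed sample input: line 1 is the line from the article, the rest are made up.
SAMPLE_LOG = """\
[01/28/2015][11:30:09][LogMessage:ERROR:[sm-Ldap-00350] SmObjLdapConnMgr Bind. Server Data_Center_B:20492. Error 91 - Can't connect to the LDAP server]
[01/28/2015][11:30:41][LogMessage:ERROR:[sm-Ldap-00350] SmObjLdapConnMgr Bind. Server Data_Center_B:20492. Error 91 - Can't connect to the LDAP server]
[01/28/2015][11:31:02][LogMessage:INFO: constructed unrelated line]
[01/28/2015][11:32:15][LogMessage:ERROR:[sm-Ldap-00350] SmObjLdapConnMgr Bind. Server Data_Center_A:20492. Error 91 - Can't connect to the LDAP server]
"""

def parse_bind_error(line):
    """Return a dict for an sm-Ldap-00350 bind error line, or None for any other line."""
    m = BIND_ERR.match(line.strip())
    if not m:
        return None
    when = datetime.strptime(m["date"] + " " + m["time"], "%m/%d/%Y %H:%M:%S")
    return {"when": when, "server": m["host"] + ":" + m["port"],
            "code": int(m["code"]), "text": m["text"]}

def summarize(lines, code=91):
    """Count bind failures with the given LDAP error code per server, with first/last time seen."""
    summary = {}
    for line in lines:
        ev = parse_bind_error(line)
        if ev is None or ev["code"] != code:
            continue
        s = summary.setdefault(ev["server"],
                               {"count": 0, "first": ev["when"], "last": ev["when"]})
        s["count"] += 1
        s["first"] = min(s["first"], ev["when"])
        s["last"] = max(s["last"], ev["when"])
    return summary

if __name__ == "__main__":
    for server, s in sorted(summarize(SAMPLE_LOG.splitlines()).items()):
        print(f'{server}: {s["count"]} bind failure(s), {s["first"]} to {s["last"]}')
```

To run it against a real log, pass the lines of smps.log to summarize() instead of SAMPLE_LOG.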