LDAP Configured Registry disconnecting frequently

Document ID : KB000006675
Last Modified Date : 14/02/2018
Show Technical Document Details
Issue:

For the latest installed DevTest version 10 , we are facing some registry issues where the registry disconnects at least twice in a day.  Seeing OOM errors in the logs. 

Environment:
DEVTEST 10.0
Cause:

· Initially, components are started with default memory allocation and noticed an issue that Outofmemory error in registry log.

· So, we allocated 1.5GB for Registry, Coordinator, Simulator and restarted components.

· Still we see error in registry logs as below. During this issue, CPU was spiking and system CPU went to 90% and registry is not responded.

ERROR messages in the Registry logs with warning as GC Thrashing

2017-03-24 06:15:39,912Z (02:15) [ServerRequestHandler-1] ERROR com.itko.lisa.net.ServerRequestHandler - Could not fetch a message from QUEUE: GC overhead limit exceeded

 

java.lang.OutOfMemoryError: GC overhead limit exceeded 

Reason for OOM - 

 

The  <user-search-filter> in the authentication-provider.xml file seems overly broad, "<user-search-filter>(objectClass=*)</user-search-filter>”. Depending on how many users you have, this could lead to an Out Of Memory Exception for too may LDAP entries

You should refine your search to  something like

"<user-search-filter>(&amp;(objectClass=user)(sAMAccountName={0}))</user-search-filter>”.

 or something like this...

 

 <user-search-filter>(&amp;(objectClass=person)(cn={0}))</user-search-filter>

 

 

Your ldap admin should be able to give you a better filter.

Resolution:

Customer updated the search filter  in the  authentication-providers.xml file for LDAP users

“<user-search-filter>(&(objectClass=user)(sAMAccountName={0}))</user-search-filter>

 

This resolved the issue.