Many connections to CA Directory Server are in CLOSE_WAIT state.

Document ID : KB000052434
Last Modified Date : 14/02/2018
Show Technical Document Details

Description:

We are using CA Directory with Policy Server in high availability architecture and seeing many connections to the directory in CLOSE_WAIT state.

I need to reboot the Policy Server to get those connect away from CLOSE_WAIT state. How could I fix it?

Solution:

You will need to configure the following parameters for CA DSA according to your architecture and fitting to your needs:

  • Max-users
  • user-idle-time
  • credits
  • mimic-netscape-for-siteminder
  • hold-ldap-connections = true
  • concurrent-bind-user

This last variable concurrent-bind-user should contain the users DN which uses SM to connect to DSA. This option can be found in page 52 of CA Directory r8.1 (Directory_Admin_ENU.pdf), section Process Concurrent Binds from SiteMinder.