Why does the Policy Server make regular LDAP Search on the Policy Server?

Document ID : KB000050249
Last Modified Date : 14/02/2018
Show Technical Document Details

Description:

The note explains why the Policy Server makes xpsNumber Search against the Policy Store every 5 minutes (by default).

Solution:

The PS makes this search to check if the database has been updated.

The default interval is 5 minutes. This value is configurable and can be changed by changing the value of the XPS parameter CA.XPS::$CacheCheckDelay from XPSConfig command line tool.

There are two types of policy store objects with 12: SMDIF objects (inherited from r6) and XPS objects.
Each SMDIF object has an equivalent XPS object.

XPS (XML Policy Store) objects are designed to replace the SMDIF (SiteMinder Data Interchange Format) objects.
At the moment both are required for the proper functioning of the PS, but in the future only XPS will remain.

So those LDAP search are made regularly to verify that no object were created or modified, to make sure that its equivalent is in sync.

Despite the name of the parameter (CacheCheckDelay) used to set the frequency of the check, this has nothing to do with the Policy Server cache.

This parameter is independent of the XPSSweeper.