ORA ( Oracle Radius Agent ) LDAP Timeout Issue
(Doc ID 2871439.1)
Last updated on NOVEMBER 02, 2023
Applies to:
Oracle Radius Agent - Version 12.2.1.4 and laterInformation in this document applies to any platform.
Symptoms
+. Seeing intermittent LDAP timeout issue in Radius server logs as shown below. Updated the LDAP configuration with "connectTimeout" : "15000" as shown below but in the logs still see the timeout used is 5000ms.
1. Used the API to update the LDAP configuration.
curl -X PATCH \
https://<ORA_HOSTNAME>:<PORT>/radius-config/v1/configurations --insecure \
-H 'authorization: Basic XXXXXXXXXXX' \
-H 'cache-control: no-cache' \
-H 'content-type: application/json' \
-H 'postman-token: <TOKEN_ID>' \
-d '{
"authentication" : {
"ldap" : {
"connectTimeout" : "15000"
}
}
}'
Radius-Server logs:
022.03.28 03:24:06.484 WARNING oracle.idm.radius.server.listener.RadiusListener oracle.idm.radius.impl.logger.RadiusLoggerJUL log Thread[Thread-218,5,server]: Same packet is already being processed for the Client: /<IP_Adress>:<Port> with PacketIdentifier: 43 and is In-Progress, so dropping it.
2022.03.28 03:24:06.525 FINEST oracle.idm.radius.impl.auth.primary.ldap.JNDIConnectionPool oracle.idm.radius.impl.auth.primary.ldap.JNDIConnectionPool expire Thread[pool-439-thread-4,5,server]: Expiring pool connection: Handle-2.
2022.03.28 03:24:06.525 FINEST oracle.idm.radius.impl.auth.primary.ldap.JNDIConnectionPool oracle.idm.radius.impl.logger.RadiusLoggerJUL log Thread[pool-439-thread-4,5,server]: ConnectionPool: Exception in checkInContext: Need to specify class name in environment or system property, or in an application resource file: java.naming.factory.initial, Expiring Handle-2
2022.03.28 03:24:06.526 FINEST oracle.idm.radius.impl.auth.primary.ldap.JNDIConnectionPool oracle.idm.radius.impl.auth.primary.ldap.JNDIConnectionPool checkOutContext Thread[pool-439-thread-4,5,server]: LDAP response read timed out, timeout used: 5000 ms.
javax.naming.NamingException: LDAP response read timed out, timeout used: 5000 ms.
at java.naming/com.sun.jndi.ldap.LdapRequest.getReplyBer(LdapRequest.java:129)
at java.naming/com.sun.jndi.ldap.Connection.readReply(Connection.java:434)
+. Reload configuration was run and config file shows as updated timeout to 15000ms but still the log shows the old value as above.
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Cause |
Solution |