webMethods 8.2 LDAP connect

Formerly it used to be handled via ldap:disconnect.

But it sounds only ldap:search thru is the only work around and should work ideally:

Resolution:

The user can use the pub.client.ldap:search service to replace the previous flow services outlined above.

When set the “close” flag to true, it would handle the LDAP connection close action as in former pub.ldap:disconnect service.


Why are you not wanting to use search parameter is that not working as expected in 822?

HTH,
RMG

Please note KB article on Empower:
1744293 - LDAP built-in services in IS do not close TCP connections when Close parameter is set to Yes

and take in consideration extended property

watt.server.ldap.cleanContext

Shmuel Coller
webMethods Global Support EMEA

Interesting.Thanks very much Shmuel for more update on this.

But I couldn’t find this KB Article#1744293 in my initial search.

TIA,
RMG

Sorry, I sent it to review and publishing - and now realize it was not yet published.
Mistake, Shmuel

make sense.

So is the extended parameter still to be used to handle this issue?

Yes this extended setting is needed with value true in order for actual session to be closed in TCP/IP stack
regards, Shmuel

Thanks for your more clarification on this topic! :smiley:

Thanks Shmuel and RMG for reply …its really helpful for me

RMG, I am using pub.client.ldap:search in loop and my search is based on few values, if first time search is not successful(I don’t find entry) then I have to search with second value and so on… in between I have to preserve connection else i have bind connection again and it leads to extra overheads for binding to LDAP. That’s why after finishing my search, I want to close connection explicitly. :frowning:

Alternatively I can use pub.client.ldap:search after finishing my search (out of loop) to close connection but i belive it takes extra overheads rather directly close connection. Please suggest what could be best approach to use pub.client.ldap:search to close connection where actually i just need to close connection only not for search…

Regards,
Vpn

Yes you can use that search close along with extended setting and after you come out of the loop just fine:

Please test the scenario and check if you see any issues in the logs or LDAP side aspects.

HTH,
RMG

RMG, its working good…

but can I close connection by using custom Code, can you tell me custom code(java code) to close connection explicitly.

I am not sure why do you want to go custom route.what is the issue when it is working fine?

Sorry anyways I don’t have any code handy…please check the wM Java API.

RMG, in same service, i am calling pub.client.ldap.search three times, it taking time for searching thats why i don’t want to again call search service to just close connection, if i call search service to close connection, i have pass madetory inputs and based on it, service search then close connection, so it is overhead unnecssary and impact service performance.

i tried to do custom code but i am not able to find exact class name for object returned by pub.client.ldap.bind so that i can type cast object to LDAPContext and call close() to close connection. It seems pub.client.ldap:bind service is returning String kind of Object(pub.client.ldap$Handle), i am not sure is it String Object, but when i am trying to typecast it to LDAPContext then i am getting error like String object cant be cast to LDAPContext…

can you help to reach on conclusion whether we can achieve closing connection by custom code or it is restriction of webMethods…

Please suggest.

I would say please take up this issue with SAG support on the performance aspect when using search service for just closing connection as opposed to formerly dealt with disconnect service.

Having custom code is over head when you are not sure what cast objects you are dealing with and they can provide you better way handling the close().

HTH,
RMG

hi guys .

Given a functional id i need to search the ldap server to return a list of LDAP groups that id is a part of . what should i do ? can you please help me out

We have an issue with LDAP BIND & SEARCH functionality…

we are doing migration project wM 7.2 - wM 8.2 here we are using LDAP functionality in 7.2 had LDAP connect & Disconnect functionality when we are doing migration only have alternative functionalities were BIND & Search as per this we have implemented.

But , when we ran the service it would be time taking time (huge time) on both LDAP BIND & SEARCH… please give me the valid comments on this.

Hi,

We have migrated services from 7.1 to 8.2 and are using pub.client.ldap.bind and search.
The functionality is working fine but in PROD env, we are getting frequent errors as in the attachment.

javax.naming.PartialResultException.

Since the list of elements to be searched in huge as compared to testing env, may be its the reason but I am not sure

Does any one have an idea on how to solve this issue?

Thanks,
Priya

ErrorLDAP.JPG

Priya,

Please do a quick look at this Empower article and it similar related to the exception:

https://empower.softwareag.com/sl24sec/SecuredServices/KCFullTextASP/viewing/view.asp?KEY=084286-5616727&DSN=PIVOTAL&DST=TCD&HL=1&QUERY=javax.naming.PartialResultException.&SessionID=642962463

HTH,
RMG

Hi Rankesh,
Thanks for the quick reply. Actually, currently I do mot have access on empower. Will you please be able to mail me the pdf the document at prreah@gmail.com

Many thanks,
Priya

Here is what SAG’s take on that article for 8.2 not sure if issue related to your’s or not:

Resolution:

Ignore LDAP referrals.

This error is caused by the pub.client.ldap:search service performing referral chasing. By default, the pub.client.ldap:search service sets referral handling to “follow”. However, this can be overridden through the use of the “ldapEnv” input parameter for the pub.client.ldap:search service.

To prevent the search from doing referral chasing, set one row of the “ldapEnv” input parameter for the pub.client.ldap:search service to “java.naming.referral=ignore”. It is also possible to set “java.naming.referral=throw”, but this will lead to ReferralException messages if the LDAP server sends referrals.

HTH,
RMG