Policy Server reports Error 82 during cache rebuilds:
[17987/4011699056][Fri Oct 16 2015 08:45:01][SmObjProvider.cpp:187][ERROR][sm-Server-03090] Policy store failed operation 'MultipleSearch' for object type 'UserDirectory' . LDAP Error Doing UserDirectory_Fetch: 82: Local error
These errors are encountered on other object types as well such as "UserDirectory", "TrustedHost", "PropertyCollection", and "ServerCommand" to name a few.
CA directory has setting dxgrid-queue and the issue may occur when this setting set to true. Pre-SP14, it was set to ‘false’ by default, Post-SP14, it is set to ‘true’ by default.
These failed searches are the result of a packet/memory corruption issue in CA Directory R12.0.14 through R12.0.17 with 'set dxgrid-queue=true' (default).
This error is reported by LDAP SDK on the Policy Server side due to malformed packet received from CA Directory.
This issue is resolved in CA Directory R12.0.17 CR-01. So, to resolve this issue and still be able to use the dxgrid-queue upgrade CA Directory to version R12.0.17 CR-01 or later.
1. Disable dxgrid-queue by adding following configuration in your DSA initialization file (.dxi ) :
2. Restart DSA
However, please note , disabling the dxgrid-queue comes with the penalty of loosing the following benefits which comes with the dxgrid-queue :
- Improves performance of concurrent search and update requests.
- Allows abandoning of searches that are not performed yet (due to reasons such as client disconnect or timeout).
- Increases thread utilization, thus allowing better throughput.
- Allows the set interrupt-searches = true|false; command to be used to prevent long running searches blocking updates. See the set interrupt-searches command for more details.