
I got an error "Insufficient 'write' privilege to the 'cn' attribute of entry 'uid=31101407,ou=people,dc=..." with UnboundID LDAP SDK

  • Anonymous

    Anonymous - 2013-11-15

    I use cn=directory manager to create a connection pool like this (there are two LDAP servers):

    FailoverServerSet serverSet = new FailoverServerSet(hosts, ports);
    serverSet.setReOrderOnFailover(true); // this is very important!
    BindRequest bindRequest = new SimpleBindRequest(userDn, password);
    connectionPool = new LDAPConnectionPool(serverSet, bindRequest, initialConnections, maxConnections);
    connectionPool.setCreateIfNecessary(true);
    // only override the pool defaults when a value is configured
    if (maxWaitTime != null)
        connectionPool.setMaxWaitTimeMillis(maxWaitTime);
    if (healthCheckInterval != null)
        connectionPool.setHealthCheckIntervalMillis(healthCheckInterval);

    Modify an entry with a connection from the pool:

    // DN of the entry to modify
    String dn = configManager.buildAccountDN(account.getAccountId());
    if (log.isDebugEnabled())
        log.debug("Updating account[" + account.getAccountId() + "] to the LDAP.");
    try {
        conn = connectionPoolManager.getConnection();
        ModifyRequest request = new ModifyRequest(dn, AccountAttributesHelper.createModifications(account));
        LDAPResult result = conn.modify(request);
        log.info("Update account [" + account.getAccountId()
                + (result.getResultCode().intValue() == 0 ? "] success" : "] failed"));
    } catch (Exception e) {
        log.error(e.getMessage());
    } finally {
        // always hand the connection back to the pool
        connectionPoolManager.releaseConnection(conn);
    }

    Most of the time it works fine, but sometimes: Insufficient 'write' privilege to the 'cn' attribute of entry, the resultcode=50.

    Help me, thanks!
  • Neil Wilson

    Neil Wilson - 2013-11-15

    I don't immediately see anything wrong with the code that you're using, nor am I aware of any bug in the LDAP SDK that might be causing it.

    Does the server you're using provide any kind of access log that allows you to obtain information about the processing it has performed? If so, can you find the stream of operations processed on the connection on which you see the failure? For example, are there any bind operations processed on that connection? If there are binds on the connection other than the one performed when it was initially established, then that could explain the discrepancy. Similarly, if you don't see any bind at all on the connection (not even the one that should have been performed when the connection was established), then that could also provide a clue as to what might be going on.

    If it looks like the connection is properly authenticated, then are you able to confirm that there isn't a problem with the entry itself that might be causing the problem? For example, if you re-try the same modify operation against the same entry (perhaps using a different tool in case there is some weird LDAP SDK bug) does it succeed? If not, then that would indicate a problem in the server rather than the client.
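
One way to collect the evidence the reply above asks for, from the client side (an added example, not code from the thread or from the LDAP SDK project): on result code 50, record which of the failover servers handled the modify and ask that server which identity the connection is bound as. The class name `DiagnosticModify` and the helper `whoAmI` are hypothetical, and the example assumes the server supports the "Who Am I?" extended operation (RFC 4532).

```java
import com.unboundid.ldap.sdk.LDAPConnection;
import com.unboundid.ldap.sdk.LDAPConnectionPool;
import com.unboundid.ldap.sdk.LDAPException;
import com.unboundid.ldap.sdk.LDAPResult;
import com.unboundid.ldap.sdk.ModifyRequest;
import com.unboundid.ldap.sdk.ResultCode;
import com.unboundid.ldap.sdk.extensions.WhoAmIExtendedRequest;
import com.unboundid.ldap.sdk.extensions.WhoAmIExtendedResult;

/** Hypothetical helper: a pooled modify that records bind state when access is denied. */
public final class DiagnosticModify {

    public static LDAPResult modify(LDAPConnectionPool pool, ModifyRequest request)
            throws LDAPException {
        LDAPConnection conn = pool.getConnection();
        try {
            return conn.modify(request); // throws LDAPException on a non-success result
        } catch (LDAPException le) {
            if (ResultCode.INSUFFICIENT_ACCESS_RIGHTS.equals(le.getResultCode())) {
                // Server address and port identify which failover target answered;
                // together with the timestamp they locate the connection in its access log.
                System.err.printf("result 50 for %s on %s:%d (SDK connection ID %d): %s%n",
                        request.getDN(), conn.getConnectedAddress(), conn.getConnectedPort(),
                        conn.getConnectionID(), le.getDiagnosticMessage());
                System.err.println("identity seen by server: " + whoAmI(conn));
            }
            throw le; // callers still see the failure instead of a swallowed exception
        } finally {
            pool.releaseConnection(conn);
        }
    }

    /** Asks the server which authorization identity this connection currently has. */
    static String whoAmI(LDAPConnection conn) {
        try {
            WhoAmIExtendedResult r = (WhoAmIExtendedResult)
                    conn.processExtendedOperation(new WhoAmIExtendedRequest());
            if (!ResultCode.SUCCESS.equals(r.getResultCode())) {
                return "Who Am I failed: " + r.getResultCode();
            }
            String authzID = r.getAuthorizationID();
            // An empty authorization ID means the connection is anonymous (no effective bind).
            return (authzID == null || authzID.isEmpty()) ? "<anonymous>" : authzID;
        } catch (LDAPException e) {
            return "Who Am I unavailable: " + e.getResultCode();
        }
    }
}
```

An `<anonymous>` or unexpected identity on the failing connection points at bind state, while the expected directory manager DN points back at the entry or the server's access controls.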

     
