Technical Blog Post
LDAPSYNC fails with connection closed
In LDAPSYNC, if a large chunk of data takes a long time to process and the processing time exceeds the Active Directory’s idle connection timeout setting (MaxConnIdleTime), it can cause the Active Directory to close the connection which leads to synchronization failure.
LDAPSYNC fails with errors like these:
BMXAA6752E - Group synchronization could not be performed because of error connection closed. The error count was 148. See the associated message. Correct the problem and try to synchronize again.
javax.naming.CommunicationException: connection closed [Root exception is java.io.IOException: connection closed]
BMXAA6752E - Group synchronization could not be performed because of error Connection reset. The error count was 170. See the associated message. Correct the problem and try to synchronize again.
javax.naming.CommunicationException: Connection reset [Root exception is java.net.SocketException: Connection reset]
javax.naming.CommunicationException: abcde.xyz.com:328 [Root exception is java.net.ConnectException: Connection refused: connect]
Increase the value of MaxConnIdleTime on the Active Directory server so that it is larger than the processing time of the largest chunk of data.
MaxConnIdleTime is the maximum time in seconds that the client can be idle before the LDAP server closes the connection. If a connection is idle for more than this time, the LDAP server returns an LDAP disconnect notification. The default value of MaxConnIdleTime is 900 seconds.