5

I'm getting this exception occasionally, while trying to connect Active Directory.

    javax.naming.CommunicationException: <ServerIP>:<PORT>
      [Root exception is java.net.ConnectException: Connection timed out: connect]

Here is my code:

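    import java.util.Properties;
    import javax.naming.Context;
    import javax.naming.directory.DirContext;
    import javax.naming.directory.InitialDirContext;

    DirContext ctx = null;
    Properties env = new Properties();

    // Bind credentials and server URL (placeholders)
    env.put(Context.SECURITY_PRINCIPAL, "<Bind_USER>");
    env.put(Context.SECURITY_CREDENTIALS, "<Bind_USER_PWD>");
    env.put(Context.PROVIDER_URL, "ldap://<ServerIP>:<PORT>");
    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");

    // Opens the connection and binds; this is the line that throws
    ctx = new InitialDirContext(env);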

Getting the connection timeout exception in this line: `ctx = new InitialDirContext(env);`. It doesn't happen every time, but happens quite often.

Please advise me, how to get rid of this issue?

Andrew Thompson
Karthik Bose
  • This is a workaround I did to overcome the above random issue: Catch the CommunicationException, and try again at least 3 times. Hope it'll be useful to someone like @futurebaby – Karthik Bose Aug 06 '18 at 11:34

4 Answers

3

This happens to me occasionally as well. And because it only happens ~1% of the time, I doubt it's any of the reasons listed in Juned's answer since nothing changes in my setting.

For me it happens quite randomly and is fixed without any specific action on my part. This makes me believe that the answer provided here is correct:

It is most likely a connection leak. Connection timeout can be caused by many things but most of them would cause it every time. Very likely the LDAP server has a maximum number of connections it will handle simultaneously, and beyond that it won't call accept(), so new incoming connections remain in the backlog queue, which fills up, which can cause further incoming connections to time out.

@OP Can you run netstat -anp at the server when this happens, to check the hypothesis above? Can you also set a connection-idle timeout at the LDAP server? That would fix connection leaks but in a brute-force way that may break other things.

Community
Tamara Aviv
0

Had the same intermittent issue, although the config pointed to a domain name (not an IP).

By using NSLOOKUP, it was discovered that a non-existent DC was listed which was causing intermittent connection issues.

KERR
0

I began to notice this as well when I swapped out the use of a Timer with that of ScheduledExecutorService for launching my Ldap Server. The problem turned out to be a race condition. I changed the launch time of my Ldap Server from 0 delay to a 5 second delay and this seems to have resolved the java.net.ConnectException to my Ldap Server.

Race condition existed here:

    final ScheduledExecutorService ses = Executors.newSingleThreadScheduledExecutor();
    ses.scheduleWithFixedDelay(ldapServer, 0, 5, TimeUnit.SECONDS);

Race condition resolved here:

    final ScheduledExecutorService ses = Executors.newSingleThreadScheduledExecutor();
    ses.scheduleWithFixedDelay(ldapServer, 5, 5, TimeUnit.SECONDS);

Dave McLure
0

I have been getting the same error after moving over to LDAPS. I am now using port 636, and I discovered that one of the Domain Controllers on the Domain I connect to is blocked on port 636.

[Root exception is java.net.ConnectException: Connection timed out: connect] I

  • 1
    (This post does not seem to provide a [quality answer](https://stackoverflow.com/help/how-to-answer) to the question. Please either edit your answer and improve it, or just post it as a comment to the question). – sɐunıɔןɐqɐp Sep 12 '18 at 09:38
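
Two of the answers above trace the intermittent timeout to a single bad domain controller behind the name (a stale DNS entry, or a DC with port 636 blocked). The following is an added example, not code from any of the posters: it resolves the name and tries a TCP connect to each address separately, so the failing one shows up by IP. The class name `DcProbe`, the `localhost` default and the 3-second timeout are assumptions.

```java
import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.UnknownHostException;
import java.util.LinkedHashMap;
import java.util.Map;

public class DcProbe {

    /** Try a TCP connect to every address the name resolves to; returns address -> outcome. */
    static Map<String, String> probe(String host, int port, int timeoutMs)
            throws UnknownHostException {
        Map<String, String> results = new LinkedHashMap<>();
        for (InetAddress addr : InetAddress.getAllByName(host)) {
            long start = System.nanoTime();
            String outcome;
            try (Socket s = new Socket()) {
                s.connect(new InetSocketAddress(addr, port), timeoutMs);
                outcome = "OK";
            } catch (IOException e) {
                // SocketTimeoutException: packets dropped (firewall, dead or stale host).
                // ConnectException "refused": host is up but nothing listens on the port.
                outcome = e.getClass().getSimpleName() + ": " + e.getMessage();
            }
            long ms = (System.nanoTime() - start) / 1_000_000;
            results.put(addr.getHostAddress(), outcome + " (" + ms + " ms)");
        }
        return results;
    }

    public static void main(String[] args) throws Exception {
        // Constructed defaults so the program runs offline; pass <name> <port> for a real check.
        String host = args.length > 0 ? args[0] : "localhost";
        int port = args.length > 1 ? Integer.parseInt(args[1]) : 636;
        probe(host, port, 3000)
                .forEach((ip, r) -> System.out.println(ip + ":" + port + "  " + r));
    }
}
```

An address that times out while the others answer `OK` is the one to remove from DNS or unblock at the firewall; if every address answers, the connection-leak explanation becomes the more likely cause.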