Issue
After upgrading to 6.4.7.x, customer is experiencing various LDAP timeouts.
One example: unable to search for user's to add to link/tile objects from webAdmin's Link-Menu Admin interface.
Two seconds after clicking the search button, a stack trace with the following error appears:
StonewareException: Access to resource denied (2): Access to resource denied
Cause
If customer enables the com.stoneware.service.DirectoryManager.ds DEBUG option on the loader, they will see an error similar to the following in the resulting logging:
LDAP response read timed out, timeout used:2000ms.; remaining name 'dc=stone-ware,dc=com'
The issue being seen, is from a recent 2 second timeout that was added to prevent a deadlock caused by an LDAP call that never finishes.
Workaround
We have a workaround, that will increase the default timeout to 2 minutes (in milliseconds). This should be high enough for the LDAP server to return a response, but also prevent the search process from never terminating. This value can also be tailored to the environment, lowered or increased if necessary.
Shutdown UW on the server.
Edit the c:\stoneware\bin\webNetwork.lax using Notepad (Notepad may need to be Run As Administrator, depending on the Windows Server version).
Find the lax.nl.java.option.additional= line in the webNetwork.lax file.
Add this parameter to the end of that line:
-DldapReadTimeout=120000
Save the webNetwork.lax file.
Start the webNetwork service from Windows Services.
This needs to be done on each of your UW servers.
The UW servers will now wait 2 minutes for AD to return the results of the search request, instead of timing out after only 2 seconds.