This discussion is archived
2 Replies Latest reply: Oct 5, 2011 2:30 AM by EJP RSS

OperationNotSupported error during AD paged search

843793 Newbie
Currently Being Moderated
Hey all,

We're running some java code (pasted far below) that does a paged search against AD. The code goes through all users 1000 users per page. It takes about 3 minutes to do some processing on each batch of 1000, once done it goes out and requests the next 1000. Now this code runs fine in our dev and test environments. But in our prod environment it fails consistently, it never makes it through all the pages successfully. In all our environments we have roughly 300k user in AD. In prod sometimes the code fails after the second page, sometimes after the 159th page, sometimes after the 20th page it always fails at different points....the problem happens at some point in processing when we go out and try getting the next page of users we get the following error:

javax.naming.OperationNotSupportedException: [LDAP: error code 12 - 00000057: LdapErr: DSID-0C090745, comment: Error processing control, data 0, v1db0]; remaining name 'DC=domain,DC=com'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3101)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2987)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2794)
at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1826)
at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1749)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:368)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:338)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:321)
at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:248)


The only real difference between prod and our dev/test environments is that dev/test were built from the ground up as 2008 servers whereas prod was a 2003 that we upgraded to 2008. All of our environments are 2008 R2. Has anyone run into this problem before? The below code in essence does the same thing our code is doing i've substituted the processing we do for each batch of users with a sleep of 3 minutes to simulate it. The same error occurs with the below code in our prod environment but works fine in our test/qa.....Thanks in advance!



import java.util.*;
import javax.naming.*;
import javax.naming.directory.*;
import javax.naming.ldap.*;
import java.io.*;

public class LDAPTest {
public static void main(String[] args) throws Exception {

     String hostname = "server.domain.com";
     int port = 389;

     String login = "admin@domain.com";
     String password = "password";











     String basedn = "dc=domain,dc=com";
     String filter = "(&(objectcategory=user)(whenChanged>=19000101000000.0Z))";
     int pageSize = 1000;
     String[] attrs = new String[] {
"OrgName", "ipPhone", "pager", "mail", "userPrincipalName",
"sAMAccountName", "st", "postalCode", "company", "sn", "initials", "homePhone",
"accountExpires", "lockoutTime", "pwdLastSet", "objectGUID", "cn",
"mustChangePwd", "givenName", "displayName", "title", "memberOf", "mobile",
"physicalDelvieryOfficeName", "whenChanged"
     };
String sortKey = "usnChanged";
     int pauseTime = 3;


Hashtable env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL,"ldap://"+hostname+":"+port+"/");
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PRINCIPAL, login);
env.put(Context.SECURITY_CREDENTIALS, password);

     env.put(Context.REFERRAL,"ignore");
     
LdapContext ctx = new InitialLdapContext(env, null);

     byte[] cookie = null;
     int total;
ctx.setRequestControls(new Control[]{
          new PagedResultsControl(pageSize, Control.CRITICAL)
,
     new SortControl(sortKey, Control.CRITICAL)
               });
SearchControls ctls = new SearchControls();
ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
int count=0;
do {
     int psz=0;
NamingEnumeration results =
          ctx.search(basedn, filter, ctls);
while (results != null && results.hasMoreElements()) {
          results.next();
          psz++;
     }

     Control[] controls = ctx.getResponseControls();
     if (controls != null)
          for (int i = 0; i < controls.length; i++)
          if (controls[i] instanceof PagedResultsResponseControl)
               cookie = ((PagedResultsResponseControl)controls).getCookie();
ctx.setRequestControls(new Control[]{
          new PagedResultsControl(pageSize, cookie, Control.CRITICAL)
,
     new SortControl(sortKey, Control.CRITICAL)
});
     System.err.println("Got page "+count+" with " + psz + " results.");
          if (cookie != null)
               Thread.sleep(pauseTime*1000);
     count++;
} while (cookie != null);
     ctx.close();
     System.err.println ("*** END ***");
}
}