After the Identity Manager server resumes working, all the drivers on the server start except the LDAP driver. After starting the driver, the driver immediately shuts down. This issue is caused by the presence of corrupt LDAP driver cache (TAO) files in Identity Vault’s DIB directory. Setting the driver at Trace level 3 shows the following errors for the driver shutdown:
[11/08/17 22:24:36.079]:ldap driver2 PT:ldap driver2: java.io.EOFException
....
[11/08/17 22:24:36.476]:ldap driver2 PT:
<nds dtdversion="2.0" ndsversion="8.x">
<source>
<product build="20141001_0717" instance="ldap driver2" version="4.0.0.5">Identity Manager Driver for LDAP</product>
<contact>NetIQ Corporation</contact>
</source>
<output>
<status description="An unexpected error occurred in the publisher channel: java.io.EOFException" level="fatal"/>
</output>
</nds>
[11/08/17 22:24:36.477]:ldap driver2 PT:Resolving association references.
[11/08/17 22:24:36.477]:ldap driver2 PT:
DirXML Log Event -------------------
Driver: \IDMWF\UCC\RES\Dirxml\driverset-idmwf\ldap driver2
Channel: Publisher
Status: Fatal
[11/08/17 22:24:36.478]:ldap driver2 PT:
DirXML Log Event -------------------
Driver: \IDMWF\UCC\RES\Dirxml\driverset-idmwf\ldap driver2
Channel: Publisher
Status: Fatal
Message: Code(-9005) The driver returned a "fatal" status indicating that the driver should be shut down. Detail from driver: <application>DirXML</application>
<module>ldap driver2</module>
<object-dn></object-dn>
<component>Publisher</component>
[11/08/17 22:24:36.479]:ldap driver2 PT:Killing driver from publisher thread; after PublicationShim.start().
[11/08/17 22:24:36.479]:ldap driver2 PT:Requesting termination.
[11/08/17 22:24:36.483]:ldap driver2 PT:Ending publisher thread.
To workaround this issue, delete the driver cache files from the DIB directory.
The LDAP driver uses the following cache files:
#####.TAO
dx#####.p
dx#####.t
ldap_########-####-####-####-############
ldap_########-####-####-####-############.p
ldap_########-####-####-####-############.t
The #####.TAO file names and corresponding dx#####.p and .t files are based on the Hexadecimal value for the driver entry id. The ldap_########-####-####-####-############ cache file names are based on the ldap_GUID of the LDAP driver object.
Be careful while deleting the cache files to ensure that there is no loss of queued events. Also, deleting a wrong file can corrupt the Identity Vault. You are not recommended to delete the files manually.
To delete the cache files:
Log in to iManager.
Navigate to the driver and disable the driver.
Save your changes.
This should delete the corrupt cache file.
Verify and remove other cache files for the driver, if they still exist in the DIB directory.
For example, additional cache files such as dx#####.p and dx#####.t files may not be deleted.
Edit the properties of the driver and enable the driver. (Set the startup mode to Auto or Manual)
Select Do not automatically synchronize the driver to prevent the driver to automatically synchronize the objects when the driver loads.
Save your changes.
The .TAO and dx.* files are recreated when the driver is restarted. The corresponding ldap_########-####-####-####-############ files are automatically recreated when the driver starts successfully.