[Deploying Sakai] Sakai 2.8.1 LDAP provider

İrfan SÜRAL irfansural at gmail.com
Wed Mar 20 05:31:55 PDT 2013


Hi All,


We have successfully implemented LDAP & sakai 2.8.1 integration.


We have 4 core CPU and 8 GB RAM Windows Server 2003 Active Directory & LDAP

And we have 2 core processors, 32 GB RAM and mysql & tomcat at the same
physical server; Environment = Opensuse 12.2, Java 1.6.0_20, tomcat 5.5.34,
maven 2.2.1



If concurrent users are more then 250-300 we get LDAP errors like below;
which shows LDAP is under load.


Exception in thread "Thread-560734" java.lang.RuntimeException:
Connection.freeWriteSemaphore(559558): thread does not own the semaphore,
owned by -3 
        at com.novell.ldap.Connection.freeWriteSemaphore(Unknown Source) 
        at com.novell.ldap.Message.putReply(Unknown Source) 
        at com.novell.ldap.Connection$ReaderThread.run(Unknown Source) 
        at java.lang.Thread.run(Thread.java:619)


2013-03-05 22:04:11,938 ERROR http-80-Processor716
edu.amc.sakai.user.JLDAPDirectoryProvider - getUser() failed [eid:
LDAPException: Unable to connect to server xxxxxxxx:389 (91) Connect Error
java.net.ConnectException: Connection refused
        at com.novell.ldap.Connection.connect(Unknown Source)
        at com.novell.ldap.Connection.connect(Unknown Source)



4 core CPU and 8 GB RAM can't handle 300 concurrent users? 

Users have chat-tool in lessons and this mostly happening when they use

Is LDAP request occurs every time users click in sakai or only in log-in

dou you advise me to use CAS instead of LDAP or other single sign on
solutions? Our student's account stored on Active Directory.

How can find deep information about deployment, or LDAP communication
principle in SAKAI?

What about configuration options like searchScope, operationTimeout  that I
have used in LDAP? Is all good or can be more optimized?


Thanks In advance,


More Details:  https://jira.sakaiproject.org/browse/SAK-23292 





jldap-beans.xml file contents

<property name="ldapHost">

<property name="ldapPort">
<property name="ldapUser">
<property name="ldapPassword">

<property name="autoBind">
<property name="basePath">
<property name="followReferrals">
<property name="operationTimeout">
  <property name="searchScope">
  <property name="cacheTTL">

<property name="attributeMappings">
         <entry key="login">
         <entry key="firstName"><value>name</value></entry>

  <property name="userType">




-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/production/attachments/20130320/18ab7d85/attachment.html 

More information about the production mailing list