NetIQ Access Manager 4.2
LDAP Data Source
When AG ESP starts, it generates an LDAP simple bind to data source defined in the IDP virtual attributes config. If this remote data source is down, we get error messages in the AG ESP catalina log file.
This is a cosmetic issue. No information is retrieved directly from the data source by the AG ESP, only a LDAP health check is done. Therefore, no need to open ports in the firewall between the AG ESP and the data source. The IDP ESP is the one retrieving data from the data source and feeding to the AG ESP.
The IDP ESP and the AG ESP share common code. The data source health check against ldap sources needs to be disabled in the AG ESP code.