Environment
NetIQ Access Manager 4.2
Virtual Attributes
LDAP Data Source
Situation
When the AG ESP starts, it generates an LDAP simple bind to the data source defined in the IDP virtual attributes configuration. If this remote data source is down, error messages appear in the AG ESP catalina log file.
Resolution
This is a cosmetic issue. The AG ESP does not retrieve any information directly from the data source; it only performs an LDAP health check. There is therefore no need to open ports in the firewall between the AG ESP and the data source. The IDP ESP is the one that retrieves data from the data source and feeds it to the AG ESP.
Cause
The IDP ESP and the AG ESP share common code. The data source health check against LDAP sources needs to be disabled in the AG ESP code.