IDM Drivers fail to start with error readClassDef (To Buffer) -649 ERR_INSUFFICIENT_BUFFER

  • 7017970
  • 23-Aug-2016
  • 23-Aug-2016

Environment

NetIQ Identity Manager 4.5
NetIQ eDirectory

Situation

Drivers fail to start on a server. The following error can be seen in the driver startup trace:
3674560256 DVRS: [2016/02/22 11:00:45.44] Active Directory Driver ST:
DirXML Log Event -------------------
     Driver:   \ID45\system\driverset1\Active Directory Driver
     Status:   Error
     Message:  Code(-9010) An exception occurred: novell.jclient.JCException: readClassDef (To Buffer) -649 ERR_INSUFFICIENT_BUFFER
3674560256 DVRS: [2016/02/22 11:00:45.65] Active Directory Driver ST:Driver terminated.

The error occurs after a new class has been added to eDirectory with a very large number of attributes on it.

Another symptom of this problem is that if you check in iMonitor -> Schema -> Base Class, the classes will fail to display, showing an error -150 instead (out of memory error).

Resolution

This error will be reported if any class in the current schema definition has a very large number of attributes. The maximum number of attributes is not fixed, but any single class definition can't exceed the limit imposed by an NCP packet, which is of 64K. This results in a practical limit of approximately 1500 attributes, a limit that depends on the length of the names of the attributes used in the class definition.

This problem often arises on Auxiliary classes. The simplest way to solve it is to split the class definition in smaller classes and add those classes to the objects that need to be extended.