Product: Radiant FID, Radiant IDDM
Version: 7.3, 7.4, 8.0
The Azure AD Mgraph API times out (and does not retry) while fetching entries with memberOf during cache initialization.
The cache initialization errors out with the following error message:
2021-05-28T17:47:49,775 ERROR com.rli.tasks.KillableTask:88 - [ERROR]
javax.naming.PartialResultException: [LDAP: error code 9 - Internal error: java.lang.RuntimeException: javax.naming.NamingException: com.rli.scripts.customobjects.mgraph.MicrosoftGraphAPIException: com.rli.scripts.customobjects.mgraph.MicrosoftGraphAPIException: LINK: memberOf]
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3137) ~[?:1.8.0_282]
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2998) ~[?:1.8.0_282]
at com.sun.jndi.ldap.AbstractLdapNamingEnumeration.getNextBatch(AbstractLdapNamingEnumeration.java:148) ~[?:1.8.0_282]
at com.sun.jndi.ldap.AbstractLdapNamingEnumeration.hasMoreImpl(AbstractLdapNamingEnumeration.java:217) ~[?:1.8.0_282]
at com.sun.jndi.ldap.AbstractLdapNamingEnumeration.hasMore(AbstractLdapNamingEnumeration.java:189) ~[?:1.8.0_282]
at com.rli.tools.ldap.browser.e.b(src:1176) ~[rli-shared-1.0-SNAPSHOT.jar:?]
at com.rli.tools.ldap.browser.e.b(src:1128) ~[rli-shared-1.0-SNAPSHOT.jar:?]
at com.rli.tools.ldap.browser.i.a(src:173) ~[rli-shared-1.0-SNAPSHOT.jar:?]
at com.rli.tools.ldap.browser.i.a(src:112) ~[rli-shared-1.0-SNAPSHOT.jar:?]
at com.rli.tools.ldap.browser.i.a(src:106) ~[rli-shared-1.0-SNAPSHOT.jar:?]
at com.rli.tools.ldap.browser.i.b(src:100) ~[rli-shared-1.0-SNAPSHOT.jar:?]
at com.rli.tasks.ExportLDIFTask.process(src:204) ~[rli-shared-1.0-SNAPSHOT.jar:?]
at com.rli.tasks.CacheInitTask.prepareImage(src:84) ~[rli-shared-1.0-SNAPSHOT.jar:?]
at com.rli.tasks.AbstractCacheInitTask.prepareCacheImage(src:213) ~[rli-shared-1.0-SNAPSHOT.jar:?]
at com.rli.tasks.AbstractCacheInitTask.initPCacheByStep(src:141) ~[rli-shared-1.0-SNAPSHOT.jar:?]
at com.rli.tasks.AbstractCacheInitTask.process(src:96) ~[rli-shared-1.0-SNAPSHOT.jar:?]
at com.rli.tasks.CacheInitTask.process(src:49) ~[rli-shared-1.0-SNAPSHOT.jar:?]
at com.rli.tasks.KillableTask.runTask(src:82) [rli-shared-1.0-SNAPSHOT.jar:?]
at com.rli.tasks.CacheInitTask.main(src:163) [rli-shared-1.0-SNAPSHOT.jar:?]
2021-05-28T17:47:50,687 DEBUG com.rli.scheduler.jobs.ForkTaskJob:56 - Exit value for Cache initialization [vds_server][Category=Users,dc=msgraphKoch] 1
2021-05-28T17:47:50,688 DEBUG com.rli.scheduler.jobs.ForkTaskJob:57 - End of process for task Cache initialization [vds_server][Category=Users,dc=msgraphKoch]
2021-05-28T17:47:50,688 DEBUG com.rli.scheduler.jobs.b:44 - Job: dc_msgraphkoch.Cache initialization [vds_server][Category=Users,dc=msgraphKoch] finished at Fri May 28 17:47:50 UTC 2021
2021-05-28T17:47:50,688 DEBUG com.rli.scheduler.jobs.b:99 - Disabling one time Job: dc_msgraphkoch.Cache initialization [vds_server][Category=Users,dc=msgraphKoch]
2021-05-28T17:47:50,688 DEBUG com.rli.scheduler.jobs.b:102 - Saving Task configuration dc_msgraphkoch.Cache initialization [vds_server][Category=Users,dc=msgraphKoch]
2021-05-28T17:47:50,688 INFO com.rli.scheduler.jobs.b:55 - ___ End Task ___
Purpose: To improve cache initialization and avoid timeouts and errors when using the Mgraph custom data source and Azure AD contains large volumes of users and/or groups (~50K+ users).
Procedure: Edit the custom data source for Mgraph and add two new properties: max_retries_on_error and retry_interval_on_error.
These properties dictate the behavior of error recovery when initializing persistent cache on the virtual view of the Azure AD backend.
max_retries_on_error defines the number of retries when an error is encountered. This must be a positive, numeric value. After the maximum number of retries is exhausted, the exception is logged and the persistent cache initialization is stopped. If this property is not present, or contains an invalid value, no retry logic is used.
retry_interval_on_error indicates the amount of time to wait before the next retry. This value is in milliseconds. If this property is not present, or contains an invalid value, a default value of 10000 ms (10 seconds) is used.
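The following sketch models the fallback and retry behavior described above so the effect of each property value can be checked before changing the data source. It is an added illustration, not RadiantOne code. The function names, the sample property values, and the reading of "invalid" as non-numeric or non-positive are assumptions.

```python
import time

DEFAULT_RETRY_INTERVAL_MS = 10000  # documented default for retry_interval_on_error


def positive_int(value):
    """Return value as a positive int, or None when missing or invalid.
    Assumption: non-numeric, zero and negative values all count as invalid."""
    try:
        n = int(str(value).strip())
    except (TypeError, ValueError):
        return None
    return n if n > 0 else None


def load_retry_settings(props):
    """Apply the documented fallbacks to the two data source properties."""
    retries = positive_int(props.get("max_retries_on_error"))
    interval = positive_int(props.get("retry_interval_on_error"))
    return (retries or 0,  # missing/invalid -> no retry logic is used
            interval if interval is not None else DEFAULT_RETRY_INTERVAL_MS)


def fetch_with_retry(fetch, props, sleep=time.sleep):
    """Call fetch(); on error, wait and retry up to max_retries_on_error times.
    Assumption: the first attempt is not counted as a retry."""
    max_retries, interval_ms = load_retry_settings(props)
    retries_done = 0
    while True:
        try:
            return fetch()
        except Exception:
            if retries_done >= max_retries:
                raise  # retries exhausted: the error surfaces and init stops
            retries_done += 1
            sleep(interval_ms / 1000.0)


def make_flaky(failures):
    """Constructed stand-in for a backend call that times out `failures` times."""
    state = {"calls": 0}

    def fetch():
        state["calls"] += 1
        if state["calls"] <= failures:
            raise TimeoutError("constructed timeout while reading memberOf")
        return ["cn=user1", "cn=user2"]  # constructed entries

    return fetch, state
```

With `max_retries_on_error` set to 3 and no interval, two transient timeouts are absorbed with two 10-second waits; with neither property set, the first timeout ends the initialization, which matches the failure shown in the log above.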
Example:

Additional notes and resources:
For v7.4 you can refer to this guide: https://developer.radiantlogic.com/idm/v7.4/namespace-configuration-guide/08-virtual-views-of-cloud-directories-or-services/#configure-radiantone-custom-data-source
For v8.0 you can refer to this guide: https://developer.radiantlogic.com/idm/v8.0/namespace-configuration-guide/08-virtual-views-of-cloud-directories-or-services/#configure-radiantone-custom-data-source