Monday, September 17, 2007

Oracle Internet Directory (OID) ldapbind gives: sgslufread: Hard error on read, OS error = 10054

We were using a Cisco Load Balancing Router (LBR or CSS) and trying to do a simple ldapbind -p 389 -h machine would give the following error:
sgslufread: Hard error on read, OS error = 10054 (on windows)
sgslufread: Hard error on read, OS error = 104 (on linux)
ldap_bind: Can't contact LDAP server

(might have also seen sgslufread: Hard error on read, OS error = 194 )

It turned out that the LBR was configured with Layer 5 load balancing (it does URL inspection). It is turned on by adding url "/*" to the content
content layer5
protocol tcp
vip address xxx.xxx.xxx.xxx
add service server1
port 389
url "/*"
active

The problem is that we have LDAP traffic, not HTTP traffic. Layer5 (url "/*") is for HTTP traffic. Removing the
url "/*"
took care of the issue.

I also received the same error when using an F5 load balancer to connect via LDAPS (SSL encrypted) on port 636. In this case the solution was to turn off the F5 LDAP monitor for port 636. For some reason the F5 does not like to monitor the OID SSL LDAP port.