Intermittent error using DirectoryServices (The directory service is unavailable)

If you’re putting heavy load on your AD server using DirectoryServices you may find you get intermittent errors such as ‘The directory service is unavailable’ or ‘The server is not operational’

If you don’t keep an LDAP connection in scope then a new connection gets created for each object and the AD server runs out of wild-card TCP ports (or so I’ve read online Laughing)

Anyway, the simple solution is to keep a connected DirectoryEntry object in scope while you perform the other operations. This will ensure all operations use the same LDAP connection (as long as they have the same connection string and credentials)

The code below illustrates the problem. This falls over at iteration 62000 approx on my test system

[code:c#]

using System;
using System.Collections.Generic;
using System.Text;
using System.DirectoryServices;

namespace DirectoryServices
{
    class Program
    {
        static void Main(string[] args)
        {
            try
            {

                for (int i = 0; i < 100000; i++)
                {
                    string LDAPPath = “LDAP://PathGoesHere”;
                    using (DirectoryEntry DE = new DirectoryEntry(LDAPPath))
                    {
                        string name = DE.Properties[“distinguishedName”].Value.ToString();
                    }
                }
            }
            catch (Exception ex)
            {
                Console.WriteLine(ex.Message);
                Console.WriteLine(ex.StackTrace);
            }
        }
    }
}

[/code]

To remedy it, you can just add the following code at the top of the method – or you could use a static variable to keep the LDAP connection in scope

[code:c#]

using System;
using System.Collections.Generic;
using System.Text;
using System.DirectoryServices;

namespace DirectoryServices
{
    class Program
    {
        static void Main(string[] args)
        {

            /* create a object to hold the connection open */
            string LDAPPathConn = “LDAP://”;
            DirectoryEntry DEConn = new DirectoryEntry(LDAPPathConn);
            DEConn.RefreshCache();

            int i = 0;

            try
            {

                for (i = 0; i < 100000; i++)
                {
                    string LDAPPath = “LDAP://PATHGOESHERE”;
                    using (DirectoryEntry DE = new DirectoryEntry(LDAPPath))
                    {
                        string name = DE.Properties[“distinguishedName”].Value.ToString();
                    }
                }

            }
            catch (Exception ex)
            {
                Console.WriteLine(“ERROR IN LOOP: i=” + i.ToString() );
                Console.WriteLine(ex.Message);
                Console.WriteLine(ex.StackTrace);
            }
        }
    }
}

[/code]

 

 

 

 

One comment

  1. Good catch! I kept seeing these errors popping up in our logs and occasionally impacting our users, this fixed it!

Leave a Reply

Your email address will not be published. Required fields are marked *