How To
ForgeRock Identity Platform
Does not apply to Identity Cloud

How do I tune LDAP connection pool settings in AM (All versions) using ssoadm?

Last updated May 10, 2022

The purpose of this article is to provide assistance with tuning LDAP connection pool settings in AM using ssoadm. These connection pool settings apply to your LDAP data stores and LDAP authentication modules.

1 reader recommends this article

Tuning LDAP connection pool settings


Refer to Tuning LDAP Connectivity for advice on tuning these connection pool settings and console navigation.

LDAP data store settings

You can configure the LDAP data store connection pool sizes as follows using ssoadm:

  • LDAP Connection Pool Minimum Size: enter the following command: $ ./ssoadm update-datastore -e [realmname] -m [datastorename] -u [adminID] -f [passwordfile] -a sun-idrepo-ldapv3-config-connection_pool_min_size=[size]replacing [realmname], [datastorename], [adminID], [passwordfile] and [size] with appropriate values.
  • LDAP Connection Pool Maximum Size: enter the following command: $ ./ssoadm update-datastore -e [realmname] -m [datastorename] -u [adminID] -f [passwordfile] -a sun-idrepo-ldapv3-config-connection_pool_max_size=[size]replacing [realmname], [datastorename], [adminID], [passwordfile] and [size] with appropriate values.

LDAP authentication modules

You can configure the LDAP authentication module connection pool sizes (Default LDAP Connection Pool Size) as follows using ssoadm:

$ ./ssoadm set-attr-defs -s iPlanetAMAuthService -t global -u [adminID] -f [passwordfile] -a iplanet-am-auth-ldap-connection-pool-default-size=[minSize:maxSize]

replacing [adminID], [passwordfile] and [minSize:maxSize] with appropriate values.

For example, if you wanted to tune this to the recommended production settings: 10 (minimum connection pool size) and 65 (maximum connection pool size), you would use a ssoadm command such as:

  • AM 7 and later: $ ./ssoadm set-attr-defs -s iPlanetAMAuthService -t global -u uid=amAdmin,ou=People,dc=openam,dc=forgerock,dc=org -f pwd.txt -a iplanet-am-auth-ldap-connection-pool-default-size=10:65
  • Pre-AM 7: $ ./ssoadm set-attr-defs -s iPlanetAMAuthService -t global -u amadmin -f pwd.txt -a iplanet-am-auth-ldap-connection-pool-default-size=10:65

See Also

How do I understand what the user data store is used for in AM (All versions)?

FAQ: Installing and using ssoadm in AM

Related Training


Related Issue Tracker IDs


Copyright and Trademarks Copyright © 2022 ForgeRock, all rights reserved.