VNX LDAP Integration: AD Nested Groups

February 11, 2015

Have you ever stumbled upon AD authentication issues on VNX, even though it all looked configured properly? LDAP integration has always been a PITA on storage arrays and blade chassis as usually there is no way to troubleshoot what the actual error is.


If VNX cannot look up the user or group that you’re trying to authenticate against in AD, you’ll see just this. Now go figure why it’s getting upset about it, even though you can clearly see the group configured in “Role Mapping” and there don’t seem to be any typos.

A common problem is nested groups. By default, VNX only checks whether your account is directly under the specified AD group and doesn’t traverse the hierarchy. So, for example, if your account is under the group called IT_Admins in AD, IT_Admins is added to Domain Admins, and Domain Admins is in “Role Mapping”, it’s not gonna work.


To make it work, change “Nested Group Level” to something appropriate for you; this will resolve the issue and make your life happier.
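To pick an appropriate value, it helps to model the lookup. The sketch below is an added example, not VNX code: it computes how many levels of nesting separate an account from the group in “Role Mapping”, and which accounts gain the role at each level. It assumes level 0 means direct membership only and each extra level follows one more group-in-group hop (VNX's exact counting is not stated in this post); the accounts jdoe and svc_backup and the group Helpdesk are hypothetical.

```python
from collections import deque

# Constructed sample directory: member -> groups it is a direct member of
# (the memberOf direction in AD). IT_Admins and Domain Admins follow the
# post's example; "jdoe", "svc_backup" and "Helpdesk" are hypothetical.
MEMBER_OF = {
    "jdoe": ["IT_Admins"],
    "svc_backup": ["Helpdesk"],
    "IT_Admins": ["Domain Admins"],
    "Helpdesk": ["IT_Admins"],
    "Domain Admins": ["Helpdesk"],  # deliberate loop: AD permits circular nesting
}

def min_nesting_level(account, mapped_group, member_of=MEMBER_OF):
    """Fewest group-in-group hops linking account to mapped_group
    (0 = direct member), or None when no path exists."""
    seen = set()
    queue = deque((group, 0) for group in member_of.get(account, []))
    while queue:  # breadth-first, so the first match is the shortest path
        group, hops = queue.popleft()
        if group == mapped_group:
            return hops
        if group in seen:  # already expanded: stops circular nesting from looping
            continue
        seen.add(group)
        queue.extend((parent, hops + 1) for parent in member_of.get(group, []))
    return None

def is_authorized(account, mapped_group, nested_level, member_of=MEMBER_OF):
    """Assumed check: the account passes if it is within nested_level hops."""
    need = min_nesting_level(account, mapped_group, member_of)
    return need is not None and need <= nested_level

def accounts_granted(mapped_group, nested_level, users, member_of=MEMBER_OF):
    """Accounts that receive the mapped role at a given nesting level."""
    return sorted(u for u in users
                  if is_authorized(u, mapped_group, nested_level, member_of))

if __name__ == "__main__":
    for level in range(3):
        print(level, accounts_granted("Domain Admins", level, ["jdoe", "svc_backup"]))
```

Each increase in the level widens the set of accounts that receive the mapped role, so the smallest value that covers the intended admins is the one to configure.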

Out of memory issues in Openfire

October 24, 2011

We are constantly getting the following errors in an Openfire 3.6.4 installation:

java.lang.OutOfMemoryError: GC overhead limit exceeded

java.lang.OutOfMemoryError: Java heap space

It turns out that it’s a common error for 3.6.4. Read the announcement “Suffering from memory-related issues in Openfire? Read this!” and the forum thread “Openfire 3.6.4 memory leak with Empathy”.

This error is related to a memory leak in PEP, which implements extended statuses. Since we don’t use them, we just switched PEP off. Go to your Openfire admin console, select Server->Server Manager->System Properties, and at the bottom add the property xmpp.pep.enabled with the value false. Restart the server.

Update: this actually didn’t help us. Probably the only way is to upgrade to the latest stable version.