Support Center > Search Results > SecureKnowledge Details
LDAP user fails to connect with Remote Access clients - error "Failed to download Topology"
Symptoms
  • User is not able to connect with Remote Access client - error "Failed to download Topology".

  • The problematic user participates in multiple LDAP groups (over 200 groups on the LDAP server).

  • Internal users, or LDAP users that do not participate in multiple LDAP groups, are able to connect without any issue.

  • Debug of VPND daemon (per sk89940) shows:

    [vpnd PID ...]@HostName[Date Time] [LOG_INFO] Session::serialize: (Session
    .........
    [vpnd PID ...]@HostName[Date Time] createCCCSession:: Trying to update session in storage.
    .........
    [vpnd PID ...]@HostName[Date Time] [LOG_INFO] Session::serialize: (Session
    .........
    [vpnd PID ...]@HostName[Date Time] [LOG_WARNING] Session::serialize: serialize failed, because given len=N is smaller than needed_len=X
    [vpnd PID ...]@HostName[Date Time] [LOG_INFO] Session::serialize: (Session
    .........
    [vpnd PID ...]@HostName[Date Time] [LOG_WARNING] Session::serialize: serialize failed, because given len=N is smaller than needed_len=X
    [vpnd PID ...]@HostName[Date Time] [LOG_ERROR] Session::storageSerialize: serialize failed for MUST fields, len=N, needed=X
    
Cause

Client connection failed because the user object on the Security Gateway (which is part of the CCC session object that is created on a connection attempt) was extremely large.

The unusual size, in this case, was due to user's memberships in numerous LDAP groups. As a result, session was too big to be stored after serialization.


Solution
Note: To view this solution you need to Sign In .