From 13bc38b044a87fd3a4bb38ba52f312c1a6eabc0e Mon Sep 17 00:00:00 2001
From: Pavel Horal <support@orchitech.cz>
Date: Mon, 13 Sep 2021 11:36:44 +0300
Subject: [PATCH] Fix LDAP connection leak during policy update.

---
 .../src/main/java/com/sun/identity/sm/ldap/SMSLdapObject.java    | 1 +
 1 file changed, 1 insertion(+)

diff --git a/openam-core/src/main/java/com/sun/identity/sm/ldap/SMSLdapObject.java b/openam-core/src/main/java/com/sun/identity/sm/ldap/SMSLdapObject.java
index b3a5008ef8..d795a232fd 100644
--- a/openam-core/src/main/java/com/sun/identity/sm/ldap/SMSLdapObject.java
+++ b/openam-core/src/main/java/com/sun/identity/sm/ldap/SMSLdapObject.java
@@ -656,6 +656,7 @@ private ConnectionEntryReader searchObjectsEx(SSOToken token,
 
                 if (!retryErrorCodes.contains(errorCode) || retry >= connNumRetry) {
                     debug.warning("SMSLdapObject.search(): LDAP exception in search for filter match: {}", filter, e);
+                    conn.close(); // Be a good citizen and release the connection
                     throw new SMSException(e, "sms-error-in-searching");
                 }
                 retry++;