I have a report that is generated by ColdFusion that assists our department with account maintenance on our AD network. It looks for a certain set of accounts, then looks up the account of the employee who “requested” or “authorized” the creation of each account to ultimately get verification from that employee that this network account is still needed. If you don’t respond and indicate you still need the support account, it is tagged for removal when we do our system account cleaning.

The system ran perfectly in the past several years, but yesterday it started dying on one of the LDAP calls with the error: “java.lang.OutOfMemoryError: unable to create new native thread”.

The kicker is that the error only occurs on the production server, even though my development box is hitting the same server and running the exact same JVM and is on the same version of ColdFusion 8. And it isn’t failing on the first LDAP call.

Running short on time, I finally discovered a clunky solution: I would call <cfthread action=”sleep” duration=”750″ /> to give the system a “break” before it made the LDAP call that would always fail. Oddly, this worked. Setting it to 100ms still caused it to crash (although it took longer), so I just went long at 750ms.

My only explanation as to why this works is that Java and/or ColdFusion may not be disposing of the LDAP calls quickly enough to avoid having them pile up and eventually cause an overflow and run out of memory.

I am open to someone describing a more appropriate way to handle this. But in the meantime, this is just a scheduled task that can stand to run a little more slowly. I just hate solutions that feel clunky like this, though.