UDS taking too long to respond for User retrieval from AD

book

Article ID: 106199

calendar_today

Updated On:

Products

CA Rapid App Security CA Advanced Authentication CA API Gateway

Issue/Introduction

We are experiencing long delays and performance issues when authenticating the users against our Enterprise AD from Advanced Auth. The UDS seems to be taking too long to bind and unbind from AD to query for the user logging in. 

Cause

Active Directory has referrals enabled and UDS follows the referrals by default, in this scenario we have see UDS taking longer as AD is following the referrals.

https://docs.microsoft.com/en-us/windows/desktop/ad/referrals

 

Environment

All

Resolution

Please follow the below suggestion 

Add a flag like following in the arcotcommon.ini : 
[arcot/extn] 
LDAP_REFFERAL_IGNORE_FLAG=ignore 

This needs a restart so apply the changes in all server one at a time and restart the application server hosting the UDS service.