API Gateway: Ldap search via policy manager timeout
search cancel

API Gateway: Ldap search via policy manager timeout


Article ID: 115334


Updated On:


STARTER PACK-7 CA Rapid App Security CA API Gateway


The CA API Gateway is facing  slow LDAP authentication even when the ldap read timeouts are set to high value. The Ldapsearch without gateway works fast.The issue is also seen when logging into policy manager using ldap credentials.

The ldap search for users , groups or any particular user/group showed "Awaiting response from Gateway"
and logging into policy manager showed "Connection to Gateway has been broken"


CA API Gateway 10.0
Cluster of 2 however issue is seen in only one node.


The issue has been identified to be ldap referrals were turned on in ldap configuration.


The ldap referrals can be turned off using
ldap.referral=ignore in cluster wide properties in CA API Gateway.

You can find more about all ldap related cluster wide properties here

Additional Information

Additionally also change the nesting level to 1 in ldap configuration if above solution doesn't work or open a case with Broadcom Support.