API Gateway: Ldap search via policy manager timeout
search cancel

API Gateway: Ldap search via policy manager timeout

book

Article ID: 115334

calendar_today

Updated On:

Products

STARTER PACK-7 CA Rapid App Security CA API Gateway

Issue/Introduction

The CA API Gateway is facing  slow LDAP authentication even when the ldap read timeouts are set to high value. The Ldapsearch without gateway works fast.The issue is also seen when logging into policy manager using ldap credentials.

The ldap search for users , groups or any particular user/group showed "Awaiting response from Gateway"
and logging into policy manager showed "Connection to Gateway has been broken"
 

Environment

CA API Gateway 10.0
Cluster of 2 however issue is seen in only one node.

Cause

The issue has been identified to be ldap referrals were turned on in ldap configuration.
 

Resolution

The ldap referrals can be turned off using
ldap.referral=ignore in cluster wide properties in CA API Gateway.

You can find more about all ldap related cluster wide properties here
https://techdocs.broadcom.com/us/en/ca-enterprise-software/layer7-api-management/api-gateway/10-0/reference/gateway-cluster-properties/ldap-cluster-properties.html

Additional Information

Additionally also change the nesting level to 1 in ldap configuration if above solution doesn't work or open a case with Broadcom Support.