
Docker: IAM LDAP Configuration - Not able to sync groups


Article ID: 144813


Updated On:


CLOUDTEST CA Application Test CA Cloud Test Mobile MOBILECLOUD Service Virtualization


The IAM container crashes when performing AD Group Sync.


There are too many AD groups to sync.
IAM is timing out.
The default timeout is 5 minutes.


Release : 10.5.1

Component : CA Service Virtualization


1) In the IAM installed/upgraded folder, add or increase the timeouts to 1800 (i.e. 30 min) in standalone.xml (/IdentityAccessManager/standalone/configuration/standalone.xml).
Do this for the "" system property, the "deployment-scanner" property and the JTA transaction timeout limit, as shown below.
Set the timeout value depending on the size of users and groups.

<system-properties>
    <property name="iam.truststore.password" value="${iam.truststore.password}"/>
    <!-- system property timeout -->
    <property name="" value="1800"/>
</system-properties>

<subsystem xmlns="urn:jboss:domain:deployment-scanner:2.0">
    <!-- deployment-timeout raised to 1800 -->
    <deployment-scanner path="deployments" relative-to="jboss.server.base.dir" scan-interval="5000" deployment-timeout="1800" runtime-failure-causes-rollback="${jboss.deployment.scanner.rollback.on.failure:false}"/>
</subsystem>

<subsystem xmlns="urn:jboss:domain:transactions:4.0">
    <core-environment>
        <process-id>
            <uuid/>
        </process-id>
    </core-environment>
    <recovery-environment socket-binding="txn-recovery-environment" status-socket-binding="txn-status-manager"/>
    <!-- JTA transaction timeout raised to 1800 -->
    <coordinator-environment default-timeout="1800"/>
    <object-store path="tx-object-store" relative-to=""/>
</subsystem>

2) Use the LDAP group filter to target specific AD groups.
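
To confirm that the step 1 timeouts are in place after editing standalone.xml, a check like the following can be run against the file contents. It is an added example, not part of the original article or the product. The sample XML is constructed, and `example.timeout.property` is a placeholder for the system property name, which the article does not show.

```python
import xml.etree.ElementTree as ET

# Constructed sample modelled on the fragment above, with the JTA timeout left at a low value.
SAMPLE = """<server xmlns="urn:jboss:domain:4.0">
  <system-properties>
    <property name="example.timeout.property" value="1800"/>
  </system-properties>
  <profile>
    <subsystem xmlns="urn:jboss:domain:deployment-scanner:2.0">
      <deployment-scanner path="deployments" scan-interval="5000" deployment-timeout="1800"/>
    </subsystem>
    <subsystem xmlns="urn:jboss:domain:transactions:4.0">
      <coordinator-environment default-timeout="300"/>
    </subsystem>
  </profile>
</server>"""


def local(tag):
    """Strip the namespace so the check works across subsystem schema versions."""
    return tag.rsplit("}", 1)[-1]


def check_timeouts(xml_text, wanted=1800, property_name=None):
    """Return {setting: (raw_value_or_None, ok)} for the timeouts changed in step 1."""
    root = ET.fromstring(xml_text)
    found = {"deployment-timeout": None, "jta-default-timeout": None}
    if property_name:
        found["property:" + property_name] = None
    for el in root.iter():
        name = local(el.tag)
        if name == "deployment-scanner":
            found["deployment-timeout"] = el.get("deployment-timeout")
        elif name == "coordinator-environment":
            found["jta-default-timeout"] = el.get("default-timeout")
        elif name == "property" and property_name and el.get("name") == property_name:
            found["property:" + property_name] = el.get("value")
    report = {}
    for key, raw in found.items():
        # A missing or non-numeric value (e.g. a ${...} expression) counts as not verified.
        ok = raw is not None and raw.isdigit() and int(raw) >= wanted
        report[key] = (raw, ok)
    return report


if __name__ == "__main__":
    for key, (raw, ok) in check_timeouts(SAMPLE, property_name="example.timeout.property").items():
        print(f"{'OK  ' if ok else 'LOW '} {key} = {raw}")
```

To check a real installation, pass the text of standalone.xml to `check_timeouts` instead of `SAMPLE`.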

Additional Information

For configuring LDAP group filter see: