Policy Server : Session Store tuning questions for performance

book

Article ID: 224238

calendar_today

Updated On:

Products

SITEMINDER CA Single Sign On Federation (SiteMinder)

Issue/Introduction

 

When running a Siteminder Policy Server with CA Directory Session
Store, which are the best values to set to the configuration of the
Session Store (1) ?

 

Environment

 

Policy Server 12.8SP5 on RedHat 7

 

Resolution

 

As per documentation, it's recommended to set these Policy Server
registry keys if your environment expects high volume of
transactions. We recommend you to use the default values first and
then benchmark the environment to detect the possible bottlenecks. If
bottlenecks are detected, then analyse the problem to point out which
aspect of the processing is causing delays. All those parameters help
to solve performances problems.

The same approach is valid to set the MaxConnections value too.

 

Additional Information

 

(1)

    Configure Symantec Directory as a Session Store

      Add the following registry keys that affect the performance of an
      LDAP session store in the
      HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\CurrentVersion\SessionServer
      registry location, and customize their values as required:

      SessionUpdateGracePeriod
      MaxConcurrentDeletes
      MaintenanceQueryRowLimit
      EnableFlushUserCmdOnLogout

      [...]

      Connection Pools

      To increase the size of the session store connection pool, modify
      the value MaxConnections registry setting, which can be found at the
      following registry location:

      HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\CurrentVersion\LdapSessionServer=numeric_id 

    https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/siteminder/12-8/installing/install-a-policy-server/configure-ldap-directory-servers-as-policy-session-and-key-stores/configure-ca-directory-as-a-session-store.html