search cancel

LDAP Import hangs on user with large number of groups


Article ID: 238837


Updated On:


CA Service Desk Manager


After upgrading from 17.2.16 to 17.3.12 we have a problem with LDAP import.

When running pdm_ldap_import the process hangs after some time. There are no errors in any logs.



Release : 17.3

Component : SDM - Other


Unfortunately, the crash/hang happens in a Microsoft API that we have to use to communicate with LDAP server. We reached out to Microsoft but they were not able to provide any workaround or solution, hence there is nothing we can do about it. The only option we have is to  build a hierarchy of groups with inheritance, so that the user doesn't have as many explicit groups, or disable the inclusion of group information.

Unfortunately there is nothing else we can really do; moving back to the old API that the earlier release used would break compatibility with current AD versions.