We enabled group based organization and it worked fine when dealing with group and nested groups which has fewer member. We tried enabling it it production with one of the group having 10k + members the risk evaluation fails and the MFA fails too. User retrieval always time out in logs.

Is there any other tweaking that needs to be done when working with such large number of groups ? 

Release : 9.1CP1

Component : AuthMinder(Arcot WebFort) Strong Authentication

OS - Windows

Oracle Unified Directory ( OUD) nested group feature was not properly handled in the code and when user was searched which belonged to the nested Group, the transaction was timing out. This was already fixed on the AD side and AA Engineering team created a patch to address the Oracle OUD issue.

This patch is attached to the KB article. This is delivered for Windows platform and version is 9.1CP1. Same patch will be forward ported to 9.1SP4 which is the next release for Advanced Authentication product.