Identity Portal search causing user stores to go down. Longest Search Strategy in Identity Portal
search cancel

Identity Portal search causing user stores to go down. Longest Search Strategy in Identity Portal

book

Article ID: 247911

calendar_today

Updated On:

Products

CA Identity Suite CA Identity Portal

Issue/Introduction

User store issue:

In IP.

https://api-broadcom-ca.wolkenservicedesk.com/attachment/get_attachment_content?uniqueFileId=F1qE3sBdw9NciiDEs7dz+w==

 

Search takes a lot of time.  They have 3 user stores.  primary, secondary, and DR.  The primary user store is very slow and run the search query.  If another user searches this brings all the other user stores down.  In logs you see a search query for CA Directory. It creates a search screen for each attribute and connect to CA Directory for the search.  We need to limit the ability to search in IP.  The search goes to first CA Directory and someone else does a similar search and it goes to another CA Directory and it brings them all down. Chendra explains search in IP works like a Google search. IP\Setup\Searches\  SSPR search.  

 

Environment

Release : 14.4

Component : SIGMA-Identity Suite, Virtual Appliance

Resolution

Reviewed "Search Strategy" for EXACT.  If using double quotes they will send the single string. 

https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/identity-portal/14-4/administrating/identity-portal-administration/setup/connectors/search-strategy-guide.html

Can we set to LONGEST search strategy?

-----
The system will select the longest 2 words in the phrase and search by them.

Query will look as follows:
(%FIRST_NAME% = *John* OR %LAST_NAME% = *John* OR %EMAIL% = *John*) AND
(%FIRST_NAME% = *Chicago* OR %LAST_NAME% = *Chicago* OR %EMAIL% = *Chicago*)

The system will then filter out incorrect results that do not contain the word “Doe” in them.

-----

IM and IP search work differently.  Do the same search in IM it returns immediately. Ran same search in IP and it continues to spin. In IM you can validate fields on forms. 

Configure the "Longest Search Strategy" 

These are the following conditions to be applied for "Longest Search Strategy".

1. The minimum search attribute size is two.  

  •     Login to the IP Admin Console
  •     Click on the Elements Tab
  •     Click on the Searches and Click on your search Name.
  •     It will open the Search in Edit Mode.
  •     Click on Attributes menu
  •     Check there whether you have at-least two attributes selected. If not, select two attributes at-least.
  •     Save the Search.

Enable the Logging in Connector and restart the Connector.

Test your search now.  

The Longest Search works in the following way.

The system will select the longest 2 words in the phrase  (search string) and search by them.

 

For Example:

Searchable attributes are: %FIRST_NAME%, %LAST_NAME%

Search phrase entered by user: mr. John Doe Chicago 

The Query will look as follow:

[{"field":"%FIRST_NAME%","operation":"CONTAINS","value":"Chicago","conj":null},
 {"field":"%LAST_NAME%","operation":"CONTAINS","value":"Chicago","conj":"Or"},
 {"field":"%FIRST_NAME%","operation":"CONTAINS","value":"John","conj":"And"},
 {"field":"%LAST_NAME%","operation":"CONTAINS","value":"John","conj":"Or"}]