Sm_Az_Message.cpp sm-log-00000 Execution time exceeded threshold with nested groups in Policy Server


Article ID: 426530


Products

SITEMINDER CA Single Sign-On

Issue/Introduction

The Policy Server steadily and very frequently logs the message "Execution time exceeded threshold" in smps.log:

[2986064/140562292254272][Fri Sep 12 2025 03:51:36.604][SmAuthorization.cpp:1938][INFO][sm-log-00000] Execution time exceeded threshold. (CSmAz::IsOk, 164516, 5000, agent=<agent> client=10.0.0.1 server=https://example.com resource=/ action=POST user=)

[2986064/140562292254272][Fri Sep 12 2025 03:51:36.604][IsAuthorized.cpp:1002][INFO][sm-log-00000] Execution time exceeded threshold. (CSm_Az_Message::IsAuthorized, 164517, 5000, agent=<agent> client=10.0.0.1 server=https://example.com resource=/ action=POST user=)

[2986064/140562292254272][Fri Sep 12 2025 03:51:36.605][Sm_Az_Message.cpp:383][INFO][sm-log-00000] Execution time exceeded threshold. (CSm_Az_Message::ProcessMessage, 164518, 5000, agent=<agent> client=10.0.0.1 server=https://example.com resource=/ action=POST user=)

The User Policies reference more than 132 nested groups, which must be searched to authorize a single user.

There are 10 User Policies that reference those 132 nested groups.

Environment

Policy Server 12.8SP8CR01 on Red Hat 9
User Store on Windows 2022

Cause

In Policy Server 12.8SP8CR01, the processing of each User Policy goes through 132 LDAP calls. In Policy Server 12.8SP6, the 132 LDAP calls are done only once to resolve all User Policies.

As a result, Policy Server 12.8SP8CR01 takes around 10 times longer to authorize users, up to 10 seconds.

Resolution

Upgrade the Policy Server, the AdminUI and the Policy Store data to 12.9 to fix this issue.
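
To see which agents and resources trigger the threshold message, and how far over the threshold they run, the smps.log lines shown under Issue/Introduction can be parsed and grouped. The Python below is an added example, not part of the original article or of the product's tooling. It assumes the second and third values in parentheses are the measured time and the configured threshold (inferred from the message text; the article does not state the unit) and that context values contain no spaces.

```python
import re
from collections import defaultdict

# The three smps.log lines quoted in the article, embedded so the block runs offline.
SAMPLE = [
    "[2986064/140562292254272][Fri Sep 12 2025 03:51:36.604][SmAuthorization.cpp:1938][INFO][sm-log-00000] Execution time exceeded threshold. (CSmAz::IsOk, 164516, 5000, agent=<agent> client=10.0.0.1 server=https://example.com resource=/ action=POST user=)",
    "[2986064/140562292254272][Fri Sep 12 2025 03:51:36.604][IsAuthorized.cpp:1002][INFO][sm-log-00000] Execution time exceeded threshold. (CSm_Az_Message::IsAuthorized, 164517, 5000, agent=<agent> client=10.0.0.1 server=https://example.com resource=/ action=POST user=)",
    "[2986064/140562292254272][Fri Sep 12 2025 03:51:36.605][Sm_Az_Message.cpp:383][INFO][sm-log-00000] Execution time exceeded threshold. (CSm_Az_Message::ProcessMessage, 164518, 5000, agent=<agent> client=10.0.0.1 server=https://example.com resource=/ action=POST user=)",
]

# Layout: [pid/tid][timestamp][source:line][level][code] message (function, measured, threshold, key=value ...)
LINE_RE = re.compile(
    r"^\[(?P<pid>\d+)/(?P<tid>\d+)\]\[(?P<ts>[^\]]+)\]"
    r"\[(?P<src>[^\]:]+):(?P<srcline>\d+)\]\[(?P<level>\w+)\]\[(?P<code>[^\]]+)\] "
    r"Execution time exceeded threshold\. "
    r"\((?P<func>[^,]+), (?P<measured>\d+), (?P<threshold>\d+), (?P<ctx>.*)\)\s*$"
)


def parse_line(line):
    """Return a dict for a threshold message, or None for any other log line."""
    m = LINE_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["measured"] = int(rec["measured"])    # assumed: measured execution time
    rec["threshold"] = int(rec["threshold"])  # assumed: configured threshold
    # Context is space-separated key=value; a value may be empty (user=).
    rec["ctx"] = dict(re.findall(r"(\w+)=(\S*)", rec.pop("ctx")))
    return rec


def summarize(lines):
    """Group threshold events by (agent, resource, action) and keep the worst case."""
    out = defaultdict(lambda: {"events": 0, "worst": 0, "threshold": 0, "functions": set()})
    for rec in filter(None, map(parse_line, lines)):
        c = rec["ctx"]
        s = out[(c.get("agent"), c.get("resource"), c.get("action"))]
        s["events"] += 1
        s["functions"].add(rec["func"])
        if rec["measured"] > s["worst"]:
            s["worst"], s["threshold"] = rec["measured"], rec["threshold"]
    return dict(out)


if __name__ == "__main__":
    for key, s in summarize(SAMPLE).items():
        print(key, s["events"], "events, worst", s["worst"], "vs threshold", s["threshold"])
```

Running the same summary over smps.log before and after the upgrade gives a direct comparison of event counts and worst-case values per agent and resource.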