Error# '85' during search: 'error: Timed out' in Sharepoint Roles with large amount of users

book

Article ID: 8392

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

I am getting a timeout error while searching through SharePoint People Picker only when users in a given role are more than 95,000 users Role "givenName"

There are 99,000 Users in the Role "givenName"

[12396/23006][Mon Sep 04 2017 11:24:50][SmDsLdapConnMgr.cpp:1231][ERROR][sm-Ldap-02230] Error# '85' during search: 'error: Timed out' Search Query = '(&(|(objectclass=organizationalPerson)(objectclass=inetOrgPerson)(objectclass=organization)(objectclass=organizationalUnit)(objectclass=groupOfNames)(objectclass=groupOfUniqueNames)(objectclass=group)(objectclass=organizationalperson)(objectclass=inetorgperson)(objectclass=IDMPerson)(objectclass=groupOfUniqueNames)(objectclass=IDMGroup)(objectclass=organizationalUnit)(objectclass=eTGlobalUser)(objectclass=eTGlobalGroup)(objectclass=organizationalperson)(objectclass=inetorgperson)(objectclass=IDMPerson)(objectclass=groupOfUniqueNames)(objectclass=organizationalUnit))(AssignedRoles=givenName))'

 

 

It was observed that when user count is 90000, the error was not reported. The error occurs when the user count reaches 95000

Cause

Search Timeout needs to be increase in Policy Server configuration

Environment

CA Single Sign-On Policy Server 12.52 SP1 CR06 CA SiteMinder Agent for SharePoint 12.52 SP1 CR04.

Resolution

Please add new registry variable SearchTimeout to increase search timeout in Policy Server.

Under this registry path

HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\CurrentVersion\LdapSessionServer\

 

Right click on LdapSessionServer - New - DWORD (32 bit) value this will create a variable and rename as below

SearchTimeout

 

Set the value of 40 (in seconds)

 

 

This registry change should take effect automatically. However, if issue persists after making above registry chnages, please plan a Policy Server restart.