07-27-2020 01:34 AM
Hello Folks ,
We are having an issue with LDAP auth . We have two servers in LDAP profile
10.1.1.4
10.1.1.26
The timeout settings are
Bind timeout 30 seconds
Search timeout 30 seconds
Retry 60 seconds
The GP timeout is 80 seconds
The behaviour is quite random . Most of the time the auth fails to 10.1.1.4 but it never goes to next server
but some times when elapsed timeout is around 35-40 seconds , it goes to second server
What is the meaning of Search timeout ?
Do i have to decrease the bind and search timeouts ?
-Tom
08-03-2020 12:59 PM
Bind timeout - Time spent trying to connect to a server before marking it 'down'. Will try next in list
Search timeout - Time spent on a successful server attempting a search. Does not mark it down, just incomplete
Retry - Time to 'wait' before reconnecting to a 'down' server (from bind)
When the auth is failing, is it returning an 'auth failed' to the user, or just timing out? If auth failed, they need to enter their username/pw correctly (in format the DC likes)
Would suggest (since you have two servers) lowing BIND to 10 seconds, leave search as is. For the retry interval - lower is good for a network 'blip'. Higher is better if you feel the outage will be > 60 second (reboot of server).
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
