GP Issue with LDAP timeouts

cancel
Showing results for 
Search instead for 
Did you mean: 

GP Issue with LDAP timeouts

L3 Networker

Hello Folks ,

 

We are having an issue with LDAP auth . We have two servers in LDAP profile

 

10.1.1.4

10.1.1.26

 

The timeout settings are

Bind timeout 30 seconds

Search timeout 30 seconds

Retry 60 seconds

 

The GP timeout is 80 seconds

 

The behaviour is quite random . Most of the time the auth fails to 10.1.1.4 but it never goes to next server

 

but some times when elapsed timeout is around 35-40 seconds , it goes to second server

 

What is the meaning of Search timeout ?

 

Do i have to decrease the bind and search timeouts ?

 

-Tom

1 REPLY 1

L2 Linker

Bind timeout - Time spent trying to connect to a server before marking it 'down'.  Will try next in list

Search timeout  - Time spent on a successful server attempting a search.  Does not mark it down, just incomplete

Retry - Time to 'wait' before reconnecting to a 'down' server (from bind)

 

 

When the auth is failing, is it returning an 'auth failed' to the user, or just timing out?  If auth failed, they need to enter their username/pw correctly (in format the DC likes)

 

Would suggest (since you have two servers) lowing BIND to 10 seconds, leave search as is. For the retry interval - lower is good for a network 'blip'.  Higher is better if you feel the outage will be > 60 second (reboot of server).

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!