LDAP Referral Following & Group Level Authentication

Document ID : KB000115709
Last Modified Date : 24/09/2018
Show Technical Document Details
Question:
I'm trying to enable AD LDAP authentication for the EM UI.  I have the LDAP/AD authentication working, but I see the EM server following LDAP referrals in LDAP responses which is causing performance issues during the login process.   I'm trying to figure out a configuration to prevent the EM server from following LDAP referrals.  
Environment:
All APM releases
Answer:
Only Active Directory can create and configure referrals. Most LDAP clients such as APM can only accept and process referrals whether they are relevant or not.

What you can do is set the base search path and search scope to base or one-level instead of subtree. See https://docs.microsoft.com/en-us/windows/desktop/ad/search-scope for details