Login as an AD-user to ENTM Web UI takes a noticeable amount of time.

Document ID : KB000035748
Last Modified Date : 14/02/2018
Show Technical Document Details

Problem:

Login as an AD-user to ENTM Web UI takes a noticeable amount of time.

 

Environment: 

Applies to all supported environments for ENTM where Active Directory or any other supported LDAP directory is used.
 

Cause:

This behaviour can be caused by various reasons
- user is belonging to many nested AD user groups with many members
- Active Directory is spreading over several trees
- SSL is used to connect to AD and to ENTM's JBoss server
- user has been authorised to many privileged accounts in ENTM

 


Resolution:

- if possible simplify group assignments in AD for the ENTM user so the user is member of a few groups with few members only

- Change the connection port number to 3268 (LDAP) or 3269 (LDAPs/SSL) for AD connection. Now SAM will search for Global Catalogue.
  This is done in idmmanage, export & import AD settings.
 
- to not automatically display the accounts the user has been authorised to (upon login to ENTM) do once in
  idmmanage / Environments / ac-env / Advanced Settings / Miscellaneous:
  Change the value of MyAccountsTabAutoSearch from true to false.

 

 
Additional Information:

https://technet.microsoft.com/en-us/library/dd772723(v=ws.10).aspx
http://www.ca.com/us/support/ca-support-online/product-content/knowledgebase-articles/tec617027.aspx
http://www.ca.com/us/support/ca-support-online/product-content/knowledgebase-articles/tec1665492.aspx