Slow performance is seen during Service Desk Manager (SDM) Login operation when using External Authentication and LDAP/Active Directory.

Document ID : KB000026428
Last Modified Date : 14/02/2018
Show Technical Document Details

Summary:

When using Service Desk Manager (SDM) with External Authentication and LDAP/Active Directory, slow performance may be seen during a user login/authentication operation. This document provides a way to resolve the same.

 

Environment:

SDM 12.7 / SDM 12.9 / SDM 14.1

 

Instructions:

By design, if Contacts/Access Types are defined in Service Desk Manager using External Authentication, Service Desk validates the user login with the System login string:

domain\username account

At this point the LDAP server could take time to return the results because this user is unlikely to have been defined using the domain name.

Service Desk first checks the Contact record and then LDAP server.

In order to improve performances at login, it is possible to modify the Contact record 'System Login' field to be defined as

domain\username account

for all the Contacts that use External Authentication.

 

But this would only address the situation for the existing users already defined in Service Desk Manager and cannot be automatically applied to the new LDAP users dynamically defined in our product.

A complete solution for this kind of situation, in which also the new Ldap users dynamically defined can be correctly set in Service Desk Manager, is the following:

  1. Backup file $NX_ROOT\bopcfg\majic\ldap.maj

  2. Shutdown Service Desk service

  3. Open file ldap.maj for editing and find string "sAMAccountName"

  4. Replace string with "userPrincipalName"

  5. Save file

  6. Change timestamp of file to the same as backup file

  7. Restart Service Desk service

  8. Test problem but first remove domain from System Login field in Contact record

  9. Once it is verified that the above works, for every time a patch is about to be installed, check if ldap.maj is being delivered in the patch.

  10. If it is not, then install the patch and no other action is needed.

  11. If it is, then the same steps as above need to be done to the ldap.maj file.