000022186 - LDAP Synchronization takes too long or times out when using RSA ACE/Server

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000022186
Applies ToRSA ACE/Server
Microsoft Active Directory
IssueLDAP Synchronization takes too long or times out when using RSA ACE/Server
CauseSynchronization job queries non-indexed attribute, and searches too many records
ResolutionTo correct this issue, instead of using a non-indexed attribute such as "objectclass=user", use an indexed attribute like "objectcategory=person". Another option is to change the query port from 389 to 3268 which is the global catalog port. This port is used more for server communication, and queries are given a higher priority. Also, if there are any referrals, the server will traverse them for the client and return the result.
Legacy Article IDa27240

Attachments

    Outcomes