Skip to main content
Waters Employee Login
 
Waters

Slow performance when logging in to NuGenesis SDMS with LDAP accounts - WKB64200

  1. Last updated
  2. Save as PDF
Article number: 64200

SYMPTOMS

  • Delays of roughly 20 seconds are seen when users log in to NuGenesis SDMS client applications, such as WebVision or UNIFY, with LDAP credentials

ENVIRONMENT

  • NuGenesis 9 SDMS
  • NuGenesis 8 SDMS
  • Microsoft Active Directory

CAUSE

The LDAP server includes three or more referrals in the search results for all queries against the root directory object. When SDMS follows these referrals, it gets an IP address from DNS for a server that either is not Active Directory (not listening on ports 389/636) or is behind a firewall and not accessible to the NuGenesis servers.

FIX or WORKAROUND

  1. If possible, set the base DN in the SDMS configuration to one level down from the root directory object; for example, ou=Users,dc=domain,dc=com rather than dc=domain,dc=com. Active Directory does not include the referrals in the search results when the query begins below the root object.
    • This workaround may not be possible given the existing user structure in your AD server. For example, if the first level is OU=SiteName and users from all sites are expected to use SDMS, this workaround is not practical
  2. Use the Global Catalog port (3268 insecure, 3269 secure) instead of the standard LDAP ports.  The Global Catalog does not include referrals in it's query results
  3. Modify the hosts file on the NuGenesis web server so that it has entries for ForestDnsZones.yourdomain.com, DomainDnsZones.yourdomain.com, and yourdomain.com that point to a valid and accessible LDAP server.

ADDITIONAL INFORMATION

 

id64200, SDMS, SDMS8, SDMS8NU, SUPISDMS, SUPNG

Not able to find a solution? Click here to request help.