Multiple Domains for LDAP Not Performing Well

We’re trying to configure our LDAP with two separate domains, but we’re having trouble getting it to work. Calling them domain #1 and domain #2, domain #1 works just fine, and it’s the one that we’ve always used. Domain #2 is a new addition, and while it pulls users correctly, the logins are very spotty. Sometimes it lets you right in, sometimes it takes 2 minutes, and sometimes it returns an invalid username/password error.
We’ve compared the configurations in WebLogic, and we’ve set the control flags in order:
AgileAuthenticator: Optional
Domain #1: Sufficient
Domain #2: Sufficient
Is there anything else that we should be looking at to improve the performance with Domain #2? Any insight at all would be greatly appreciated.
Thank you,
Kevin.
Agile User Asked on January 11, 2021 in IT and Networking.
1 Answer(s)

Hello Kevin

We have multiple domains set up and it works well. A couple of questions:

1. I assume you did the same LDAP config setup in the Java client as well. Correct?

2. Did you run the migrateUsersToDB after that and force a complete one-time sync? Reason is the users belonging to the new domain need to have auth_src updated. Otherwise, you can see invalid username/password issues.

We had scenarios when one user moves from one region to another (and hence LDAP domain changes) and we run into this login issue. We have to update the auth_src to make it work.

Hope this helps

– Raj

Agile Angel Answered on January 14, 2021.
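
An added sketch, not part of the thread and not WebLogic or Agile code, of how the provider chain from the question is walked under standard JAAS control-flag semantics, which the WebLogic flags are assumed here to follow. The `Provider` class, user names and passwords are constructed; the point is which providers see a login before a decision is reached.

```python
# Model of JAAS control-flag evaluation for an ordered provider chain.
# Illustrative only: Provider, CHAIN and all credentials are constructed.
from dataclasses import dataclass

@dataclass
class Provider:
    name: str
    flag: str    # REQUIRED, REQUISITE, SUFFICIENT or OPTIONAL
    users: dict  # constructed store: username -> password

    def authenticate(self, user, password):
        return self.users.get(user) == password

def evaluate_chain(chain, user, password):
    """Return (success, providers_consulted, decided_by) for one login."""
    consulted = []
    hard_failure = False   # a REQUIRED provider has failed
    soft_success = False   # a SUFFICIENT/OPTIONAL provider has succeeded
    has_hard = any(p.flag in ("REQUIRED", "REQUISITE") for p in chain)
    for p in chain:
        consulted.append(p.name)
        ok = p.authenticate(user, password)
        if p.flag == "REQUIRED":
            hard_failure |= not ok          # failure is fatal, chain continues
        elif p.flag == "REQUISITE":
            if not ok:
                return False, consulted, p.name   # failure stops the chain
        elif p.flag == "SUFFICIENT":
            if ok:
                # Success stops the chain; earlier REQUIRED results still count.
                return not hard_failure, consulted, p.name
        elif p.flag == "OPTIONAL":
            soft_success |= ok
        else:
            raise ValueError(f"unknown control flag: {p.flag}")
    if has_hard:
        return not hard_failure, consulted, None
    # No REQUIRED/REQUISITE providers: at least one other must have succeeded.
    return soft_success, consulted, None

# Order and flags as listed in the question; accounts are constructed.
CHAIN = [
    Provider("AgileAuthenticator", "OPTIONAL", {"admin": "local-pw"}),
    Provider("Domain #1", "SUFFICIENT", {"alice": "d1-pw"}),
    Provider("Domain #2", "SUFFICIENT", {"kim": "d2-pw"}),
]

if __name__ == "__main__":
    for user, pw in [("alice", "d1-pw"), ("kim", "d2-pw"), ("kim", "wrong")]:
        print(user, evaluate_chain(CHAIN, user, pw))
```

In this model a Domain #2 user is always checked against AgileAuthenticator and Domain #1 first, and a bad password is only rejected after all three providers have answered.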