Return
-
Title
Error occurred while getting user groups from LDAP -
Description
In this scenario, there was a large number of groups (500+) being retrieved when using the option "Check the user DN in these groups" under the LDAP Server profile.
The following error is logged when trying to retrieve the groups:
Exception occured in 'LdapOperator.filter_user_groups': filter_user_groups timed out
Connectivity from the appliance to the ldap servers is working fine and groups can be retrieved but seems to be timing out intermittently.
-
Cause
LDAP Servers may not answer fast enough at times when trying to retrieve a large number of groups. -
Resolution
WORKAROUND:
- Change the method to retrieve the groups within the LDAP Server profile from using "Check the user DN in these groups" to "Enable checking for group DNs in user objects".
OR
- Reduce the number of groups