In this scenario, there was a large number of groups (500+) being retrieved when using the option "Check the user DN in these groups" under the LDAP Server profile.
The following error is logged when trying to retrieve the groups:
Exception occured in 'LdapOperator.filter_user_groups': filter_user_groups timed out
Connectivity from the appliance to the ldap servers is working fine and groups can be retrieved but seems to be timing out intermittently.
WORKAROUND:
- Change the method to retrieve the groups within the LDAP Server profile from using "Check the user DN in these groups" to "Enable checking for group DNs in user objects".
OR
- Reduce the number of groups
© 2025 One Identity LLC. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center