返回
-
标题
How to increase performance for Password Manager -
说明
How to increase performance for Password Manager
-
解决办法
There are several factors that may impact Password Manager performance. Most notably:
- Nested AD Groups and Redundant Groups in the User Scope:
- Example User Scope: Domain Users, PMUsers, PMAllowedUsers, WestCoast, and Sales. In this example Domain Users already includes all users in the domain and therefore any other group is redundant, which may impact performance.
- Example AD Group: PMUsers AD Group includes several other AD groups in its Members list.
IMPACT: - The initial Find User search action performed by a user may be slow as Password Manager has to check the nested Groups to determine the user's membership.
- Scheduled Tasks may take an exceptional amount of time to complete as it must drill through each group (nested) for every user to determine access.
- Scheduled Tasks
- Ensure that Scheduled Tasks are set to run during off-hours as certain tasks such as Invite/Remind Users to Create/Update Profile can drastically impact performance.
- Password Policies
- Having a large number of Password Policies, including Fine Grained Password Policies (FGPP) can impact performance as Password Manager has to go through each policy to see if it applies to each user. This will impact the Scheduled Tasks Reminder to Change Password, and Maximum Password Age Policy, Otherwise it may affect users directly when they are Resetting or Changing their passwords through normal self-service methods.
- Having a large number of Password Policies, including Fine Grained Password Policies (FGPP) can impact performance as Password Manager has to go through each policy to see if it applies to each user. This will impact the Scheduled Tasks Reminder to Change Password, and Maximum Password Age Policy, Otherwise it may affect users directly when they are Resetting or Changing their passwords through normal self-service methods.
Here are some other ways to decrease the load in the server:
- Use multiple Password Manager hosts
- Example: Use round-robin DNS or load balancer.
- Increase the system memory and CPU.
- Example: If you are expecting 500 users to hit the server all at the same time, you should have at least 12 GB of RAM to handle the load. (More may be required depending on the environment).
- A large User Scope may cause certain Scheduled Tasks to take an exceptional amount of time to complete. Increasing CPU and Memory can reduce the impact on the Password Manager server.
- Stagger how many users and when the users will receive the notification to Create/Update Profiles. This will lessen the possibility of 500 users for example, all hitting the server at the same time.
- Nested AD Groups and Redundant Groups in the User Scope: