DX Application Performance Management

Document ID:  TEC1566066
Last Modified Date:  6/6/2016
Authored By: Yanna

• Products
  • CA Application Performance Management
• Releases
  • CA Application Performance Management:Release:10.0
  • CA Application Performance Management:Release:10.1
  • CA Application Performance Management:Release:10.2
  • CA Application Performance Management:Release:CA APM 9.5
  • CA Application Performance Management:Release:CA APM 9.6
  • CA Application Performance Management:Release:CA APM 9.7
• Components
  • INTROSCOPE
  • Integrations with other Products
  • INTROSCOPE
  • INTROSCOPE WEBVIEW
  • WORKSTATION
  • INTROSCOPE WORKSTATION
  • APPLICATION PERFORMANCE MANAGEMENT

Symptoms:

CA APM Webview client takes long time to login for LDAP users who belong to nested group in LDAP.

Environment:

CA APM 9.1.x  to CA APM 10.2

Cause:

All LDAP groups seem to  be queried to determine if a user has entitlements to log into CA APM Introscope Workstation / Webview clients.  This broad/recursive search seems to be the method implemented by CA in order to provide a general-purpose solution for all LDAPs; unfortunately  this search method is very inefficient due to the quantity and size of LDAP groups. if a user belongs to a nested group and if you wantto disable nested group search then one can put in this property to do so to reduce ldap query overhead.

Workaround:

Add the below property in the realms.xml file to disable Nested Group Search.

By default this property is optional and default value is false and by default the code searches for nested groups recursively.

<!-- Optionally set to true to disable group searching which searches for
nested groups. -->
<!-- Default is false. -->
<property name="disableNestedGroupSearch">
<value>true</value>
</property>

Note: Need to restart EM

Search the Entire CA APM Knowledge Base