CAS

Tech Tip - (CA Privileged Identity Manager):ldap_bind_timeout token

Discussion created by CAS Employee on Apr 4, 2016

CA Privileged Identity Manager Tech Tip by Carlos A. Solla, Principal Support Engineer for April 4, 2016.

 

The ldap_bind_timeout determines how much UNAB is prepared to wait during a bind to a Domain Controller. If a DC that is already in a UNAB connection pool for a domain is inaccessible, an LDAP bind to it will fail after that much time and then the agent should fail over onto the next DC in the pool if any, and so on. Once a bind is initiated one will have to wait up to that ldap_bind_timeout limit.

 

A bind can take just a couple of seconds. ldap_bind_timeout limits the wait in the worst case scenario (DC is not operational, etc.)

 

The ldap_bind_timeout token is found in the uxauth.ini file.

; Specifies the maximum period in seconds for LDAP authentication attempt.

; Default Value: 30

ldap_bind_timeout = 30

Outcomes