Environment
Novell Access Manager 3.1
Novell Access Manager 3.1 Service Pack 3
Novell Access Manager 3.1 Linux Novell Identity Server
Novell Access Manager 3.1 Service Pack 3
Novell Access Manager 3.1 Linux Novell Identity Server
Situation
- user authenticating to the NIDP server using the kerberos autjentication class / method / contract notice a random 15 seconds delay during the authentication process
- users never fail to authenticate
- the configured Active Directory server returns several LDAP referrals in response to the LDAP search request for the user currently authenticating
Resolution
The DNS resolution for the LDAP servers returned in the LDAP referrals did not resolve to any IP address. Therefore the NIDP server runs into the configured LDAP timeout (default 15 seconds). Adding the required entries to the DNS server fixed the problem. As a temporary workaround the missing entries can be added to the "hosts" file