users notice randomly a 15 seconds delay while authenticating to the NIDP server using kerberos authentication

  • 7008814
  • 15-Jun-2011
  • 26-Apr-2012

Environment

Novell Access Manager 3.1
Novell Access Manager 3.1 Service Pack 3
Novell Access Manager 3.1 Linux Novell Identity Server

Situation

  • user authenticating to the NIDP server using the kerberos autjentication class / method / contract notice a random 15 seconds delay during the authentication process
  • users never fail to authenticate
  • the configured Active Directory server returns several LDAP referrals in response to the LDAP search request for the user currently authenticating

Resolution

The DNS resolution for the LDAP servers returned in the LDAP referrals did not resolve to any IP address. Therefore the NIDP server runs into the configured LDAP timeout (default 15 seconds). Adding the required entries to the DNS server fixed the problem. As a temporary workaround the missing entries can be added to the "hosts" file