I am trying to establish LDAP operators instead of TEM's own operators, but I am failing in production.
It works against a small AD (test environment), but not against the production AD. It’s not a DNS issue, and the test while creating the LDAP Directory definition is fine. It displays a timeout error while searching for/creating a new operator:
LDAP Search Failed
Search files on “”: Fail to search to the directory:
Time Limit Exceeded (error HTTP 503 in method /data/ad-list-data-search)
It would also be nice to limit the LDAP directory entry to a specific OU only; I didn’t find a working way to do this, as the “Base DN” field seems to accept only the domain description but no additional OU parameters.
I was sure that I tried it as you wrote, but it looks like I did something wrong.
Now it works. I have specified the OU from which my TEM Admins will come, and as this is only a very small subset of the whole domain, there is also no timeout any more.
Thank you very much for the feedback; it was me not giving any further updates.
All my LDAP servers (domain controllers) are global catalog servers.
I reduced the amount of stuff to search through by specifying an OU (OU=xyz, DC=…).
Good point with “start with”. In fact, I am using this now and it is as fast as expected. I need to check if this would also resolve the whole directory. Yes, having this as “default” would be good.