CA Service Management

  • Private Community
 View Only

  • 1.  CA SDM taking time to load on IIS

    Posted Oct 01, 2014 02:13 PM

    We are using CA SDM 12.6

     

    Since 2 days, login page of CA SDM is taking time to load on IIS(port 80 and 443).

    We have configured SDM to run from IIS7 by default.

    When using tomcat (port 8443) it loads in 1-2 seconds.

     

    But when running on IIS, it takes about 2-4 minutes for the page to load.

    Once logged in, everything else works fine.

     

    Any help on this will be appreciated as I'm now clueless on what might be causing this.



  • 2.  Re: CA SDM taking time to load on IIS
    Best Answer

    Broadcom Employee
    Posted Oct 01, 2014 02:26 PM

    Hi Chirag,

     

    I think it might be single-sign-on / windows authentication that's slowing it down.  When you access SDM, do you see the SDM user/pass Logon screen ?  OR  do you single sign on automatically ?

     

    Close all your browsers and try to access an HTML page (a test page)  on the same Default Web Site  that's hosting the CAisd virtual directory and see if that takes the same amount of time.  

     

    Would Firefox/Chrome behave differently (usually they dont do single-sign-on against IIS by default), so you'd get prompted for  your windows credentials.

     

    _R



  • 3.  Re: CA SDM taking time to load on IIS

    Posted Oct 01, 2014 03:03 PM

    You are right!

    The test page opens right away.

    And yes, when SDM is accessed, it logs in directly bypassing the login page.

    So windows authentication might be the culprit.

     

    Any ideas/suggestions on how this can be resolved?



  • 4.  Re: CA SDM taking time to load on IIS

    Broadcom Employee
    Posted Oct 01, 2014 04:18 PM

    I've seen it happen some times when my browser from a host on a windows domain would try to connect to IIS website on a server belonging to another domain, wherein the domains do not trust each other.  So it would take a while for the site to understand/process the auth request before it let me in to SDM.

     

    Were there any changes made to the domain / authentication mechanism recently ?

     

    _R



  • 5.  Re: CA SDM taking time to load on IIS

    Posted Oct 01, 2014 10:30 PM

    You are right Raghu.

    Thanks a lot of giving me these tips.

    Will need to check internally with the IT team if any changes were done to the authentication mechanism.

    I'm getting below errors in logs when accessing SDM:

    ldap_agent_nxd      3324 ERROR        ldap_agent.c          1519 ldap_get_next_page() error: (Timeout)

    boplgin                    2772 ERROR        bplaccess.c            3041 AHD04013:Internal error in method (got_ldap_domset): ldap_get_next_page() error: (Timeout)



  • 6.  Re: CA SDM taking time to load on IIS

    Broadcom Employee
    Posted Oct 03, 2014 09:45 AM

    The error normally indicates that the LDAP Searches that Service Desk is doing are timing out because they're not getting result from the LDAP server with in a specified interval.

     

    @NX_LDAP_TIMEOUT=XXXX     #in seconds

     

    The above could help, but you're basically delaying the inevitable.  I believe the LDAP server is either overloaded and/or  the SDM Server is connecting to the wrong/slow domain controller / LDAP server. That could be why the logins are slow AND once you're logged in there's no need to contact that server so SDM appears fast again.

     

    _R