Hello All,
We are facing an issue regarding User Authorization. Please find below the scenario we are facing:
- We are authorizing users against a User Group present in our AD
- When 2 users are added into this User Group in AD simultaneously, user 1 is able to Authorize immediately into the application authorizing against the User Group and user 2 takes close to 15-20 mins sometimes to be able to authorize against the same application.
- We checked at AD level and could see user 1 and user 2 both present in the User Group and still we see the above behavior where user 2 is not able to authorize for 15-20 mins and after that is able to authorize.
- Saw the article https://support.ca.com/us/knowledge-base-articles.TEC544401.html and checked the AZ cache details and found below:
HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\CurrentVersion\Ds\DsCacheParms=6561
DsInfoEnabled= 0x1; REG_DWORD
DsInfoMaxSizeMB= 0x14; REG_DWORD
DsInfoTimeoutSeconds= 0xe10; REG_DWORD
UserPolicyCacheMaxSize= 0x3e8; REG_DWORD
- If the Above configurations are the reason for delayed reflection of the end user when added to the user group in directory then it should happen the same way for each addition of user into the user group, somehow that’s not the case with all users which are added to the User Group or removed from User Group.
- Not sure why it’s only particular to some ID’s, but authentication request does happen at each and every request to access the application and we do se AzReject at our end for user 2 as well.
Your analysis and help on the above would be appreciated.
Thanks
Ankur Taneja