How to properly configure Base DN when using Internal Directory with LDAP Authentication

Jim Walker May 15, 2012

We are using an Internal Directory with LDAP Authentication. The Directory Type is Microsoft Active Directory. I am a newbie to using AD for LDAP Authentication.

We have users in the US and their "domain" is "amer.company.com", and users in the UK and their "domain" is "emea.company.com".

When I set the Base DN as "dc=company,dc=com", then all US and UK users can login, but there is a 5-10 second delay while authenticating.

When I set the Base DN as "dc=amer,dc=company,dc=com", then only US can login, and there is insignificant delay while authenticating.

Can someone suggest a better configuration so US and UK users can login with minimal delay?

1 answer

1 accepted

1 vote
Answer accepted
JamieA
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
May 15, 2012

Just a simple suggestion really, but why not create two directories? This should be fine providing you're using local groups.

The problem is probably something to do with referrals or hitting the wrong DC, but you will need an LDAP admin to help you with that I would think.

Jim Walker May 16, 2012

I used the method of creating two directories, and now there is insignificant delay when US or UK users login. Thanks.

JamieA
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
May 17, 2012

Cool... you can mark my answer as correct if it helps.

Suggest an answer

Log in or Sign up to answer