Bug ID 1009113: Updating Active Directory Authentication timeout values does not work properly

Last Modified: Nov 22, 2021

Bug Tracker

Affected Product:  See more info
BIG-IQ System User Interface(all modules)

Opened: Apr 06, 2021
Severity: 3-Major

Symptoms

Attempting to update the Active Directory Authentication Provider Connection or Read timeout values does not preserve or display the updates properly.

Impact

BIG-IQ might not honor the configured timeout value.

Conditions

You need to increase the length of time the BIG-IQ waits for a connection and/or response from the Active Directory server. The default values for connection is 5 seconds and read is 10 seconds.

Workaround

Modify the values using the API. Identify the unique identifier for the Active Directory Provider: restcurl cm/system/authn/providers/ldap?\$select=name,id,providerType The output will look something like this: { "items": [ { "id": "12345-6789-0abc-def0-1234567890ab", "name": "my.ldapserver", "providerType": "LDAP" }, { "id": "abcde-f012-3456-7890-abcdef01", "name": "my.adserver", "providerType": "Active Directory" } ], "generation": 14, "kind": "cm:system:authn:providers:ldap:ldapprovidercollectionstate", "lastUpdateMicros": 1617129152260618, "selfLink": "https://localhost/mgmt/cm/system/authn/providers/ldap" } Using the ID for my.adserver (abcde-f012-3456-7890-abcdef01), update the values to the desired value in milliseconds. This example sets the connection timeout to 90 seconds and the read timeout to 120 seconds: restcurl -X PATCH -d '{"connectTimeoutMs":90000, "readTimeoutMs":120000}' /cm/system/authn/providers/ldap/abcde-f012-3456-7890-abcdef01

Fix Information

None

Behavior Change