This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

AD Authentication Slowness

Go to answer
Kevin_Danel
Confirmed Champ
Confirmed Champ

‎09-25-2015 01:39 PM

Hello,

My organization recently implemented AD Authentication in our OnBase system and although it is working, my users think that the authentication speed is too slow. I know that this could probably primarily be a network speed issue; however, I am not sure how to go about identifying where the slowness is coming from. Has anyone had a similar situation and has any advice? We mostly use the OnBase Thick Client but the slowness is also seen using the Web Client. Authentication time usually ranges between 15 seconds and 30 seconds.

Thank you,


Kevin Danel
OnBase Administrator
the Chickasaw Nation
Information Technology

Labels:
0 Kudos
2 ACCEPTED ANSWERS

Go to answer
AdamShaneHyland
Employee
Employee

‎09-25-2015 02:47 PM

Hi Kevin!

Thanks for the post.

I'm sorry to hear about the network authentication slowness issue you are experiencing.  If you are noticing the issues in both the OnBase Thick Client and the Web Client, the easiest way to troubleshoot is to start by enabling the verbose switch on the OnBase Thick Client shortcut.  Simply add the -V switch.  This will write a verbose log to the users temporary directory (Start | Run | %temp%).  Looking through the verbose logs, you should see timestamps.  Scroll through the log file until you see major gaps in time.  This might help to identify why there are lags querying back to Active Directory.

Additionally, you could enable the LDAP profile within the Application Servers web.config.  This can be done manually by setting the enableMailSlot from false to true and then attempting to login with the Diagnostics Console running.  You might have to enable the LDAP/NT tab to view the messages.  Once enabled you will see the messages generated by a user attempting to authenticate into OnBase.  As well, you should be able to find gaps in time where slowness is being experienced.

If you are not familiar/comfortable troubleshooting using Verbose or other tools such as Diagnostics Console, I would recommend working with your first line of support.

Take care.

View answer in original post

0 Kudos

Go to answer
Kevin_Danel
Confirmed Champ
Confirmed Champ

‎08-29-2016 07:45 AM

Hello,

I just wanted to report back that we have upgraded to OnBase v16 and the AD authentication slowness is gone now. I think the slowness was definitely a version 12 problem because we had the issue all the way up to the ugprade, and after the upgrade it is 100% gone. 

Thank you,
Kevin Danel

View answer in original post

0 Kudos
11 REPLIES 11

Go to answer
AdamShaneHyland
Employee
Employee

‎09-25-2015 02:47 PM

Hi Kevin!

Thanks for the post.

I'm sorry to hear about the network authentication slowness issue you are experiencing.  If you are noticing the issues in both the OnBase Thick Client and the Web Client, the easiest way to troubleshoot is to start by enabling the verbose switch on the OnBase Thick Client shortcut.  Simply add the -V switch.  This will write a verbose log to the users temporary directory (Start | Run | %temp%).  Looking through the verbose logs, you should see timestamps.  Scroll through the log file until you see major gaps in time.  This might help to identify why there are lags querying back to Active Directory.

Additionally, you could enable the LDAP profile within the Application Servers web.config.  This can be done manually by setting the enableMailSlot from false to true and then attempting to login with the Diagnostics Console running.  You might have to enable the LDAP/NT tab to view the messages.  Once enabled you will see the messages generated by a user attempting to authenticate into OnBase.  As well, you should be able to find gaps in time where slowness is being experienced.

If you are not familiar/comfortable troubleshooting using Verbose or other tools such as Diagnostics Console, I would recommend working with your first line of support.

Take care.

0 Kudos

Go to answer
Kevin_Danel
Confirmed Champ
Confirmed Champ

‎09-28-2015 01:58 PM

Thank you for your advice, Adam. I see thru the verbose logs that it is having to go thru every individual OnBase/AD user group and see if my account is in it or not. We have about 500 groups that it has to go through. That is the part that seems to be taking the longest.

We are set to use the Network Security option named "Active Directory." The username mapping attribute we have is sAMAccountName. We have it set to Synchronize User
Attributes on Auto-Logon. Within the Active Directory settings, we have "Search User's Login Domain Only" checked and also "No Serverless Binds" checked.

0 Kudos

Go to answer
AdamShaneHyland
Employee
Employee
In response to Kevin_Danel

‎09-29-2015 05:12 AM

Thanks for the update. The next question, which authentication method are you using for Active Directory? Depending on the method we might have some options to make it faster.
0 Kudos

Go to answer
Kevin_Danel
Confirmed Champ
Confirmed Champ
In response to Kevin_Danel

‎09-29-2015 06:11 AM

We are set to use the Network Security option named "Active Directory." The username mapping attribute we have is sAMAccountName. We have it set to Synchronize User Attributes on Auto-Logon. Within the Active Directory settings, we have "Search User's Login Domain Only" checked and also "No Serverless Binds" checked.
0 Kudos
Getting started

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2024 Khoros, LLC