Active Directory Realm Performance


(David F Quiroga) #1

We have an Active Directory Realm configured to use ldaps (SSL/TLS).

Does anyone know if the system uses pooled connections to the AD server vs creating a new connection for each authentication request?

Also wondering how long/if the system caches search results, i.e. a users credentials and group membership?

Thank you for you time.


(Tim Vernum) #2

This is configurable, however the pool requires that you provide a system wide bind_dn user to establish connections for the pool. See: https://www.elastic.co/guide/en/x-pack/6.1/active-directory-realm.html#_configuring_a_bind_user

This is also configurable. See cache.ttl in the AD realm settings


(David F Quiroga) #3

Thanks for the direction Tim. That was helpful.


(system) #4

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.