Skip to content

Commit 655be27

Browse files
authored
Merge pull request #250603 from b-ahibbard/ldap-timeout
NFSAAS-27975: ldap query timeout
2 parents a751043 + f7e76fd commit 655be27

File tree

2 files changed

+9
-1
lines changed

2 files changed

+9
-1
lines changed

articles/azure-netapp-files/create-active-directory-connections.md

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@ ms.workload: storage
88
ms.tgt_pltfrm: na
99
ms.custom: devx-track-azurepowershell
1010
ms.topic: how-to
11-
ms.date: 03/01/2023
11+
ms.date: 09/07/2023
1212
ms.author: anfdocs
1313
---
1414
# Create and manage Active Directory connections for Azure NetApp Files
@@ -72,6 +72,12 @@ Several features of Azure NetApp Files require that you have an Active Directory
7272
7373
* LDAP queries take effect only in the domain specified in the Active Directory connections (the **AD DNS Domain Name** field). This behavior applies to NFS, SMB, and dual-protocol volumes.
7474
75+
* <a name="ldap-query-timeouts"></a> LDAP query timeouts
76+
77+
By default, LDAP queries time out if they cannot be completed in a timely fashion. If an LDAP query fails due to a timeout, the user and/or group lookup will fail and access to the Azure NetApp Files volume may be denied, depending on the permission settings of the volume.
78+
79+
Query timeouts can occur in large LDAP environments with many user and group objects, over slow WAN connections, and if an LDAP server is over-utilized with requests. Azure NetApp Files timeout setting for LDAP queries is set to 10 seconds. Consider leveraging the user and group DN features on the Active Directory Connection for the LDAP server to filter searches if you are experiencing LDAP query timeout issues.
80+
7581
## Create an Active Directory connection
7682
7783
1. From your NetApp account, select **Active Directory connections**, then select **Join**.

articles/azure-netapp-files/lightweight-directory-access-protocol.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -118,7 +118,9 @@ The following section discusses the basics of LDAP as it pertains to Azure NetAp
118118
contoso.com internet address = y.y.y.y
119119
```
120120
* LDAP servers can also be used to perform custom name mapping for users. For more information, see [Custom name mapping using LDAP](#custom-name-mapping-using-ldap).
121+
* LDAP query timeouts
121122
123+
By default, LDAP queries time out if they cannot be completed in a timely fashion. If an LDAP query fails due to a timeout, the user and/or group lookup will fail and access to the Azure NetApp Files volume may be denied, depending on the permission settings of the volume. Refer to [Create and manage Active Directory connections](create-active-directory-connections.md#ldap-query-timeouts) to understand Azure NetApp Files LDAP query timeout settings.
122124
123125
## Name mapping types
124126

0 commit comments

Comments
 (0)