Login Slowdown Caused by LDAP Servers Configured with Non-Functional Instances via DNS

One of the authentication and synchronization methods in senhasegura for users is the use of the LDAP protocol. For more information on this configuration, refer to the documentation: Authentication with AD/LDAP Server.

Configuration of the "Host" Field:

Recommended IP Address:

  • The “Host” field should be filled with the address of the LDAP server you intend to connect to.
  • We always recommend using an IP address for greater reliability. Example:
  • The IP addresses should be validated to ensure they are always accessible.

Use of DNS:

  • Alternatively, a DNS name can be used in the “Host” field.
  • Attention and Caution: This configuration should be made very carefully. If the DNS points to an unavailable IP, it may cause slowness and even connection timeout during login.

Ensuring the accessibility and correct configuration of LDAP servers is essential to avoid performance issues and ensure a fast and efficient login experience.

  • Proper DNS Management: Ensure that only functional LDAP servers are listed in DNS and use monitoring tools to update DNS entries dynamically.
  • Reduce Timeouts: Adjust client-side timeouts for quicker failover to functional servers.
  • Load Balancers: Use intelligent load balancers that can detect and exclude non-functional servers.
  • Monitoring and Alerts: Implement robust monitoring of LDAP server health and DNS resolution performance, with alerts for any detected issues.