AD Password Sync Connector Slow On Windows Server 2016 Domain

(Doc ID 2404745.1)

Last updated on JUNE 03, 2018

Applies to:

Identity Manager Connector - Version 9.1.1.5 and later
Information in this document applies to any platform.

Symptoms

Using the 9.1.1.5 version of Microsoft Active Directory Password Synchronization connector, after upgrading the Active Directory functional level to 2016 the connector is now taking 15-18 seconds to search for a user in AD particularly if the user is not found. This is causing devices and users to timeout their password change.

This problem can be reproduced by the following steps:

1. Passwords can be changed the following ways:
a. A computer has a directory password which it changes from code.
b. A user does CTRL-ALT-DEL and changes their password.
c. A user changes their password in Azure and it is synched to AD.


Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms