When using Active Directory, you have to tune the performance parameters in Active Directory section
- Under Active Directory connection, select “Performance” button.
- You will be redirected to Authentication modules
- MAX Processes:
How many process proxy can use at the same time to query the Active Directory.
- Preload processes:
How many processes to preload when creating a new one
- Prepare processes:
How many processes to load when starting proxy service.
- Cache garbage interval:
The time period between garbage collection across the username cache. This is a trade-off between memory utilization.
- Authentication cache time:
The time a user & their credentials stay in the logged in user cache since their last request.
When the garbage interval passes, all user credentials that have passed their TTL are removed from memory.
- Authentication cache time by IP address:
This directive controls how long Proxy remembers the IP addresses associated with each user.
Use a small value if your users might change addresses quickly, as is the case with dialup.
You might be safe using a larger value (e.g., 2 hours) in a corporate LAN environment with relatively static address assignments.
- Credentials cache time:
Specifies how long Proxy assumes an externally validated username:password pair is valid for (in other words how often the helper program is called for that user). Set this low to force revalidation with short lived passwords.
- Search groups cache time:
how long Proxy remembers the Active Directory Group associated to the user.