Active Directory Authentication performance

When using Active Directory, you have to tune the performance parameters in Active Directory section

  • Under Active Directory connection, select “Performance” button.

28-05-2015 00-00-05

  • You will be redirected to Authentication modules

28-05-2015 00-02-04

  • MAX Processes:
    How many process proxy can use at the same time to query the Active Directory.
  • Preload processes:
    How many processes to preload when creating a new one
  • Prepare processes:
    How many processes to load when starting proxy service.
  • Cache garbage interval:
    The time period between garbage collection across the username cache. This is a trade-off between memory utilization.
  • Authentication cache time:
    The time a user & their credentials stay in the logged in user cache since their last request.
    When the garbage interval passes, all user credentials that have passed their TTL are removed from memory.
  • Authentication cache time by IP address:
    This directive controls how long Proxy remembers the IP addresses associated with each user.
    Use a small value if your users might change addresses quickly, as is the case with dialup.
    You might be safe using a larger value (e.g., 2 hours) in a corporate LAN environment with relatively static address assignments.
  • Credentials cache time:
    Specifies how long Proxy assumes an externally validated username:password pair is valid for (in other words how often the helper program is called for that user). Set this low to force revalidation with short lived passwords.
  • Search groups cache time:
    how long Proxy remembers the Active Directory Group associated to the user.


Leave a comment