0
Answered

Time out question

Bob Bradley 2 years ago • updated by anonymous 2 years ago 1

With regards the release notes of FIM Event Broker v3.2.1


Question regarding "Increased timeout of LDAP operations to one hour". I am thinking that there may be scenarios whereby a timeout of 1 hour may not be desirable (e.g. on a sync changes check operation you would most likely WANT this to fail to bring the issue to the attention of the operators). Can you explain the scenario that this was implemented for, and whether it is confined or applied in general? I can see specific examples of where increased timeouts may be required - but I would have thought this would be on an operation-by-operation basis (in which case you could conceivably have 2 agents with different configurable timeouts).



Case in point - at one particular site we are actually REDUCING timeouts for certain operations as this is indicative that there are external problems impacting the solution which need to be addressed. The changes we are looking to make there are to identify long-running operations that are out of the ordinary and disable them until the root cause has been identified and remediated. Allowing something to run for an abnormally long time in actual fact appears to have been a major contributor to a severe FIM solution outage (after damage was caused by mass account disabling as an indirect result).

Answer

Answer
Answered

Hi Bob,


I apologise for the confusion here. The timeout is actually configurable, using one hour as the default timeout for cases where it hasn't been set yet (which will be all existing operations). I have updated the release notes to clarify this.

Answer
Answered

Hi Bob,


I apologise for the confusion here. The timeout is actually configurable, using one hour as the default timeout for cases where it hasn't been set yet (which will be all existing operations). I have updated the release notes to clarify this.