Hi everyone.
I've read quite a few articles, but could not find anything fitting this particular case.
We have a product that authenticates users on AD (LDAP). This part is working somewhat OK (takes time for some users).
But after that the product gets all the groups this user belongs to, and queries these groups properties, this takes a long time.
To speed up the login we need to consolidate the searches to an OU containing only the users that need to have access to the system. But the users are spread through half a dozen OUs on the domain root, and cannot be consolidated.
Is there a way tolink the user CNs in this OU, or to create aliases, so that I can restrict the ldap base dn search to this OU and still get the users properties correctly?
We already created an OU for the few groups this product needs (speeding up searches), but the users cannot be migrated to other OUs. The setup must be transparent for our system, meaning it will search the way it does currently, AD will look up these aliases and return the users' properties.
Thanks!