Active Directory Authentication is slow - Takes minutes to Logon

  • 3 November 2016
  • 4 replies

Badge +5
We recently had multiple Nutanix Blocks installed and I have started configuring them for Active Directory Authentication; however, logging on using AD Accounts is super slow and takes several minutes to logon.

I have configured the Authentication to IP Addresses, FQDN's and DOMAIN but all are still unacceptably slow.


For the Prism Role mapping, I have configured AD Groups and Single Users and the logon is still super slow.

There was a post about change recursive authentication to be off; however, there was no command string associated with NCLI.

Anyone experiencing this issue? Would like to know the best practice for configuration AD Authentication.

Thanks for any assistance...

Best answer by hatchda 7 November 2016, 16:43

View original

This topic has been closed for comments

4 replies

Userlevel 6
Badge +29
I'd place a small bet that recursive lookups is the problem here.

That said, send us a support ticket ( for NX or SX, your respective OEM for HX/XC) and we'll get on a WebEx with you and hammer it out.

Badge +5

Thanks for the post.. I will open a case with Dell and work with them. Thanks again.
Badge +5
Resolution to AD Logon Slowness (If you are experiencing)

NOTE: Do not use Nested AD Groups and only explicitly add the users to the AD Group you want grant User/Cluster/Read Roles to.

Configure Authentication Configuration:
Name: TEST
URL: ldap://

Configure Role Mapping:
Remember you can only have one ROLE Type (Viewer/User Admin/Cluster Admin) per LDAP Type)

Execute the following command on a CVM:
ncli authconfig edit-directory name=NAME group-search-type=NON_RECURSIVE directory-type=ACTIVE_DIRECTORY connection-type=LDAP directory-url=ldap://

Good Luck,
Userlevel 6
Badge +29
good stuff, glad you were able to get that sorted.