Sitecore's Active Directory module: Upgrading to 1.1 from 1.0

As part of routine maintenance, I recently decided to update my Sitecore Active Directory module from 1.0 to 1.1. It seemed pretty straight forward so I figured why not throw it into the release. However, I started seeing performance problems with my SSO. Users were starting to experience around a 1-2 minute wait when implicitly logging into the intranet site.

I quickly rolled back to the 1.0 release of LDAP, but I knew there must be something throwing off the newer Sitecore Active Directory module.First thing I did was look at the caches across both versions using /sitecore/admin/cache.aspx. On my BETA I noticed a LDAP roles cache that wasn't in production (w/ the older version). It turns out that the Active Directory module introduced a Role Cache that is configured much differently than any of the other caches in the module.

For a user cache, it is managed in ldap.config.
 <setting name="LDAP.Caching.UserCache" value="20MB" />

However for the role cache, it is managed on the Role Manager Provider node.
      <add name="mydomain" type="LightLDAP.SitecoreADRoleProvider" connectionStringName="ADConnString" applicationName="sitecore" attributeMapUsername="sAMAccountName" cacheSize="20MB" />

My plan is to gain approval to roll this out in the next release, but I'm 99.9% sure this will resolve the problem. I'm documenting this for others as I didn't come across much talking about the Role Cache being added or how to configure for it (I decompiled it to find my answers!).


  1. Nice! Source code, even decompiled, source code is the best form of documentation.


Post a Comment