Related to What happens behind the scenes when DMSNotifications.NT_REFRESH_LDAP is send in 10.1 ? - DataMiner Dojo.
Customer thinks - based on sniffing between DMA and CREP (wrapper Keycloak - Crowd) - that the problem could be solved by increasing the timeout or timeouts DMA uses to perform a DMSNotifications.NT_REFRESH_LDAP.
They saw a " RST from DMA after 30 seconds"
I know we should solve the slowness of CREP, but this will take time and is also out partly out of our hands.
So they want a workaround to be able to sync by increasing the timeout, because at this moment customers of our customers cannot login anymore, and off course this is a disaster.
Unfortunately today there is no timeout setting for the Crowd related HTTP requests that are sent out. As you have noticed, this means that the request is always canceled if a response takes longer than 30 seconds to come in.
I would recommend you to create a feature suggestion and get in contact with the Data Core product domain to see if there is something they can do.
It concerns:
GET /crowd/rest/usermanagement/1/group/user/direct?groupname=HNO_OPERATOR HTTP/1.1rn
30 secs later DMA sends
Flags: 0x014 (RST, ACK)
So customer wants to increase this 30 seconds timeout to 2 minutes,
because sometimes the get needs 1,5 minute.
This 1,5 minute will be fixed, but it is a very difficult fix that will take quite some time.
So in the mean time they want a workaround : timeout set to 2 minutes please