Share all details related to your problem, including any error messages you may have received.
We’re currently experiencing performance issues within the SailPoint IdentityIQ module. This is causing delays when loading certain pages when accessing specific functionalities.
1- When a user tries to access the sailpoint URL and provides the credentials, by clicking submit, it takes an average of 43 seconds to load and access the HomePage.
2- When accessing the “Forget Password” or “Unlock Password” functionality on the login page, it takes an average of 41 seconds to load the page to provide the updated password.
3- Once the “Forget Password” functionality is available, an OTP is generated. Once the OTP values and the passwords are provided, and on clicking Submit it takes around the same amount of time(average of 42 seconds) to validate and update the result for the same.
Any thoughts or suggestions on how can we fix that?
@MuhammadMustafa , does you have any provisioning or requests being triggered on the UI servers?
Login, password reset or unlock are foregrounds.therefore it appears that the server is waiting the thread to be pickup and executed.
Also communications with the AD could also cause slowliness.
It would be possible provide more information about your architecture, use of load balancer, what application server you are using, etc…
From other side, can you provide more details about your authentication method. it is through Active Directory?
Finally, please provide any log to check the error that you are facing.
Does you have any provisioning or requests being triggered on the UI servers?
nope, it’s only 1 server not a big Env at all, also we are leveraging the Password Rest Functionalities only for this deployment.
Login, password reset or unlock are foregrounds.therefore it appears that the server is waiting the thread to be pickup and executed.
Exaclty, but unfortunately it’s not the case.
Also communications with the AD could also cause slowliness.
I’m suspecting that as of now, but don’t know what might cause a delay :), especially when my colleague checked the test connection and it’s taking about/more 1.3 mins
Can you provide more info about the architecture.
Simply 1 server, no LB, PTA authentication via AD, PWI & DPR (for password reset), integration with a private/custom SMS gateway.
So it’s a simple one
We are investigating now with SailPoint Support as well.
It would be possible to provide more information about your architecture, use of load balancer, what application server you are using, etc…
Simply 1 server, no LB, PTA authentication via AD, PWI & DPR (for password reset), integration with a private/custom SMS gateway, tomcat 9.0.85
So it’s a simple one
From other side, can you provide more details about your authentication method. it is through Active Directory?
Yup AD PTA
Finally, please provide any log to check the error that you are facing.
I will try to raise the logs and see, will keep you posted
Hey thanks for the responses.
How many threards does this server have? Also could you enable debug on the IQservice and log in and se how long it take to send the response back?
we have seen this issue were we have the custom and complex membership rule for some of the quicklink ( custom / ootb) . When you click on any of the quick-link pretty much system will try to execute all the quick-link membership rule and can take more time .
It looks like you have multiple authentication (login) options enabled and the 1st one is giving a timeout.
I have seen the same when Pass-Through Authentication was enabled to an AD, where the AD server was not responding. After a timeout IIQ switched to Internal IdentityIQ Authentication.
You might also have MFA enabled without a proper configuration.
Can you check which Login options are enabled and try to disable 1-by-1 to see if the login (and others) are fast again (Gear->General Settings->Login Configuration).
Hi @ipobeidi I will check this one and let you know.
However, the support team (SailPoint support) saying most probably it’s a network/connection issue.
Will keep you all posted here as we are already opening a case with SailPoint support