Loading the AD module takes longer than average
Troubleshooting
Use the Processs Monitor for troubleshooting
- system DLLs are loaded when the AD module is started in the SRXPSHost.exe process
- search the timeline for SRXPSHost.exe process where the time loss occurs
- view the detailed activities in the relevant time period, what is loaded, what is called via the network
→ OCSP requests are on the certificate revocation list (expired certificates) - (Optional) Call URL in browser and check what comes back
Solution
- Allow OCSP requests / https request on certificate revocation list.
Alternative solution
- Use internal OCSP resolver. Infrastructure must be designed for this.
- Bypass proxies between ScriptRunner server and the Internet for system requests or impersonated processes. When using proxies, the OS of the ScriptRunner Server must enter the system-level proxies and impersonations via GPO or manually.