Unlike other platforms, NetWare has the variable NDSD_TRY_NMASLOGIN_FIRST set to true by default. This makes it possible to log into iManager on another server or tree when running eDirectory 8.8.
Unfortunately, this setting also reduces authentication performance, with the most notable reduction occuring for LDAP binds.
To change the setting, remove the variable from the STARTUP.NCF file and restart the server.
For more information, see How to Make Your Password Case-Sensitive
the Novell eDirectory 8.8 What’s New Guide.
If you are using Novell eDirectory 8.7.3x, timeouts are possible when you search from iManager for eDirectory objects, such as NCP Server objects, Volume objects, and Cluster objects. This is because the Object Class attribute is not indexed by default. The LDAP sub-tree search can take over 30 seconds, which causes the query to time out. For example, a Cluster objects search from the Cluster Options page returns the error:
Bad XML found during parsing when accessing cluster options
We recommend that you create a value index on the objects’ Object Class attribute. (Object Class is considered an attribute for indexing purposes.) This helps to reduce the time needed for the sub-tree search from over 30 seconds to 10 to 50 milliseconds. For instructions, see Creating an Index
the Novell eDirectory 8.8 Administration Guide.
Building indexes speeds up the sub-tree search, even if some partitions being searched do not contain these types of objects. For example, searching for a Cluster object in a context that contains only users is not expected to return results; however, the Object Class search is still performed, and benefits from having an index present.
The sub-tree search performance issue is resolved in the eDirectory 8.8.x release with the addition of the AncestorID feature.