icon-itdr.svg
ITDR

Configuring Scan and LDAP Connection Timeout

After you configure an Active Directory (AD) domain for scanning, you can configure the scan and LDAP connection timeout. Timeouts are essential for performance as they help to prevent system resources from being used by long-running or unresponsive processes. By default, the scan timeout is 30 minutes and LDAP connection timeout is 5 minutes.

Zscaler recommends keeping the default values for better performance.

To configure the scan and LDAP connection timeout:

  1. Go to ITDR > Manage > Active Directory Posture.
  2. Click the Edit icon for the AD domain for which you want to configure the timeout.

  1. In the Scan Agents Details window:
    1. For Scan Timeout, enter the scan timeout in minutes.
    2. For Connection Timeout, enter the LDAP connection time in minutes.

  1. Click Submit.

The scan and LDAP connection timeout are configured for the selected AD domain.

Related Articles
About Active Directory PostureScanning an Active DirectoryEnabling Active Directory Attribute CollectionTriggering an On-Demand ScanViewing Failed Scan Check DetailsConfiguring Scan and LDAP Connection TimeoutSpecifying a Domain Controller for ScanningStopping an Ongoing ScanEditing or Deleting a Scan