We'd love to hear about it! Click here to go to the product suggestion community
we are using a Sophos SG330 in active-passive HA, all services (except Sandstorm) are active. Unfortunately the ad-sync.plx service is using one CPU core to 100%. That's why we have only one core left for all the other services (http-proxy etc) and the performance is heavily decreased. For client authentication we use the Sophos Authentication Agent.
We'd be glad if anybody has a hint for us what is going wrong because I strongly believe this behavior of the ad-sync.plx is not normal.
Hallo Timo and welcome to the UTM Community!
Have you enabled 'Prefetch Directory Users'? What about 'Active Directory Group Membership Synchronization'?
If both are enabled and you still have this problem, your situation is unusual. Try a reboot of the Slave, wait for the Slave to sync and be READY and then reboot the Master. If that doesn't solve this issue, you should get Sophos Support involved.
Cheers - Bob
In reply to BAlfson:
thank you for your quick answer! After your post I activated "Prefetch Directory Users" yesterday (AD Group Membership Synchronization was already activated). Furthermore I rebooted Slave and Master. After these actions the ad-sync.plx is not even in the top10 of high CPU consuming services any more. So it seems the problem is solved now!
Many thanks and best regards