Jamf Nation Community

Thanks, @franton. Can we try it?

I know of no way to adjust the timeout, and doing so would probably cause other issues if set to aggressively anyway.

emboldened for clarity.

Oh okay. It's just that 40-55 seconds login is really slow. most of our users hated it. Once connected to the network is really fine after fine tuning the DSBindTimeout. The thing is I can't find any better suggestion in most of the forums.

@mreaso

The common fix in this scenario is to lower the LDAP lookup timeout so it "gives up" quicker. I don't have the details to hand but from memory it's a login window key.

As @franton mentioned, this is a risky thing to do. If you set it too low, the login window will always give up too quickly and you won't be able to authenticate against the domain at all. Apple may also overwrite your customizations at any point with an OS update, or just remove the functionality.

Lowering the DSBindTimeout value has been very successful for me. I've been using it for several years and haven't found any issues.

10 seconds is a conservative value and a good place to start. Think about it this way: If the Mac doesn't find the domain within 10 seconds....whats the chances it is going to find it? If you are on the LAN does it ever take 10 seconds to login? If yes then you could set a higher value, but most likely 10 will get the job done.

FWIW this setting has survived 10.9-10.10-10.11 upgrades for me.

sudo /usr/bin/defaults write /Library/Preferences/com.apple.loginwindow DSBindTimeout -int 10

We have been using the method @Josh.Smith mentioned with great success.