IBM Support

IV58972: FULL DN FOR GROUP MEMBERS WILL CAUSE HUGE TRAFFIC AND FULL CACHE APPLIES TO AIX 6100-08

A fix is available

Subscribe

You can track all active APARs for this component.

APAR status

  • Closed as program error.

Error description

  • An lsuser for a single LDAP user generates thousands of
    queries if full DN is used for group members. This fills
    the cache and affects the performance of secldapclntd.
    

Local fix

Problem summary

  • A lot of network traffic to the LDAP server will be
    experienced when the lsuser command is issued on an LDAP user
    if there are large groups of LDAP users and fullDN is used
    for group members in the LDAP configuration file.
    

Problem conclusion

  • Only query the group name and group id when querying the user
    information, and not all of the group information too.
    

Temporary fix

Comments

  • 6100-08 - use AIX APAR IV58972
    6100-09 - use AIX APAR IV59211
    6100-09 - use AIX APAR IV59211
    7100-02 - use AIX APAR IV59953
    7100-03 - use AIX APAR IV59267
    7100-04 - use AIX APAR IV59693
    

APAR Information

  • APAR number

    IV58972

  • Reported component name

    AIX 610 STD EDI

  • Reported component ID

    5765G6200

  • Reported release

    610

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Submitted date

    2014-04-08

  • Closed date

    2014-04-11

  • Last modified date

    2016-05-10

Fix information

  • Fixed component name

    AIX 610 STD EDI

  • Fixed component ID

    5765G6200

Applicable component levels

  • R610 PSY U867311

       UP15/01/18 I 1000

PTF to Fileset Mapping



Document information

More support for: AIX Standard Edition

Software version: 610

Operating system(s): AIX

Reference #: IV58972

Modified date: 10 May 2016