IBM Support

IV59953: FULL DN FOR GROUP MEMBERS WILL CAUSE HUGE TRAFFIC AND FULL CACHE APPLIES TO AIX 7100-02

A fix is available

Subscribe

You can track all active APARs for this component.

APAR status

  • Closed as program error.

Error description

  • An lsuser for a single LDAP user generates thousands of
    queries if full DN is used for group members. This fills
    the cache and affects the performance of secldapclntd.
    

Local fix

Problem summary

  • A lot of network traffic to the LDAP server will be
    experienced when the lsuser command is issued on an LDAP user
    if there are large groups of LDAP users and fullDN is used
    for group members in the LDAP configuration file.
    

Problem conclusion

  • Only query the group name and group id when querying the user
    information, and not all of the group information too.
    

Temporary fix

Comments

  • 6100-08 - use AIX APAR IV58972
    6100-09 - use AIX APAR IV59211
    6100-09 - use AIX APAR IV59211
    7100-02 - use AIX APAR IV59953
    7100-03 - use AIX APAR IV59267
    7100-04 - use AIX APAR IV59693
    

APAR Information

  • APAR number

    IV59953

  • Reported component name

    AIX V7.1

  • Reported component ID

    5765H4000

  • Reported release

    710

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Submitted date

    2014-04-30

  • Closed date

    2014-04-30

  • Last modified date

    2016-05-10

  • APAR is sysrouted FROM one or more of the following:

    IV58972

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    AIX V7.1

  • Fixed component ID

    5765H4000

Applicable component levels

  • R710 PSY U865312

       UP15/01/19 I 1000

PTF to Fileset Mapping



Document information

More support for: AIX Enterprise Edition

Software version: 710

Operating system(s): AIX

Reference #: IV59953

Modified date: 10 May 2016