OUD 11g - Duplicate Search Requests from OUD Proxy Server to Active Directory Results in Poor Performance (Doc ID 2207109.1)

Last updated on JANUARY 15, 2017

Applies to:

Oracle Unified Directory - Version 11.1.2.3.160419 and later
Information in this document applies to any platform.

Symptoms

OUD is configured as a proxy to Active Directory and has various transformations configured.

Relevant documentation links to the OUD transformation functionality...

Fusion Middleware Administering Oracle Unified Directory
12.7 Understanding the Transformation Framework
http://docs.oracle.com/cd/E52734_01/oud/OUDAG/proxy_functionality.htm#OUDAG10795

Fusion Middleware Administering Oracle Unified Directory
24.6 Configuring Transformations
http://docs.oracle.com/cd/E52734_01/oud/OUDAG/config_virtualization.htm#OUDAG10822

Such an OUD proxy server configuration may result in duplicate search requests being generated from the proxy to the backend Active Directory server, which may in turn impact performance. The following access logging from an OUD proxy server illustrates the behavior...

[17/Aug/2016:17:36:47 +0000] CONNECT conn=32 from=127.0.0.1:49319 to=127.0.0.1:1389 protocol=LDAP
[17/Aug/2016:17:36:47 +0000] BIND REQ conn=32 op=0 msgID=1 type=SIMPLE dn="cn=Directory Manager" version=3
[17/Aug/2016:17:36:47 +0000] BIND RES conn=32 op=0 msgID=1 result=0 authDN="cn=Directory Manager,cn=Root DNs,cn=config" etime=0
[17/Aug/2016:17:36:47 +0000] SEARCH REQ conn=32 op=1 msgID=2 base="ou=workforce,dc=oracle,dc=local" scope=sub filter="(member=cn=testuser1,cn=users,dc=oracle,dc=local)" attrs="dn"
[17/Aug/2016:17:36:47 +0000] SEARCH PROXY_REQ conn=32 op=1 msgID=2 s_conn=982 scope="sub" s_msgid=49 base="dc=oracle,dc=local" s_credmode=use-specific-identity filter="(member=cn=testuser1,cn=users,dc=oracle,dc=local)"
[17/Aug/2016:17:36:47 +0000] SEARCH PROXY_REQ conn=32 op=1 msgID=2 s_conn=981 scope="base" s_msgid=41 base="CN=testgroup1,CN=Users,DC=oracle,DC=local" s_credmode=use-specific-identity filter="(objectClass=*)"
[17/Aug/2016:17:36:47 +0000] SEARCH PROXY_REQ conn=32 op=1 msgID=2 s_conn=980 scope="base" s_msgid=41 base="CN=testgroup1,CN=Users,DC=oracle,DC=local" s_credmode=use-specific-identity filter="(objectClass=*)"
[17/Aug/2016:17:36:47 +0000] SEARCH PROXY_REQ conn=32 op=1 msgID=2 s_conn=979 scope="base" s_msgid=40 base="CN=testgroup1,CN=Users,DC=oracle,DC=local" s_credmode=use-specific-identity filter="(objectClass=*)"
[17/Aug/2016:17:36:47 +0000] SEARCH PROXY_REQ conn=32 op=1 msgID=2 s_conn=978 scope="base" s_msgid=40 base="CN=testgroup1,CN=Users,DC=oracle,DC=local" s_credmode=use-specific-identity filter="(objectClass=*)"
[17/Aug/2016:17:36:47 +0000] SEARCH PROXY_REQ conn=32 op=1 msgID=2 s_conn=977 scope="base" s_msgid=39 base="CN=testgroup1,CN=Users,DC=oracle,DC=local" s_credmode=use-specific-identity filter="(objectClass=*)"
[17/Aug/2016:17:36:47 +0000] SEARCH PROXY_REQ conn=32 op=1 msgID=2 s_conn=976 scope="base" s_msgid=39 base="CN=testgroup1,CN=Users,DC=oracle,DC=local" s_credmode=use-specific-identity filter="(objectClass=*)"
[17/Aug/2016:17:36:47 +0000] SEARCH PROXY_RES conn=32 op=1 msgID=2 result=0 s_conn=976 s_msgid=39 etime=78 authzDN=cn=Directory Manager,cn=Root DNs,cn=config nentries=1 s_authdn=cn=administrator,cn=users,dc=oracle,dc=local
[17/Aug/2016:17:36:47 +0000] SEARCH PROXY_RES conn=32 op=1 msgID=2 result=0 s_conn=977 s_msgid=39 etime=167 authzDN=cn=Directory Manager,cn=Root DNs,cn=config nentries=1 s_authdn=cn=administrator,cn=users,dc=oracle,dc=local
[17/Aug/2016:17:36:47 +0000] SEARCH PROXY_RES conn=32 op=1 msgID=2 result=0 s_conn=978 s_msgid=40 etime=255 authzDN=cn=Directory Manager,cn=Root DNs,cn=config nentries=1 s_authdn=cn=administrator,cn=users,dc=oracle,dc=local
[17/Aug/2016:17:36:47 +0000] SEARCH PROXY_RES conn=32 op=1 msgID=2 result=0 s_conn=979 s_msgid=40 etime=346 authzDN=cn=Directory Manager,cn=Root DNs,cn=config nentries=1 s_authdn=cn=administrator,cn=users,dc=oracle,dc=local
[17/Aug/2016:17:36:47 +0000] SEARCH PROXY_RES conn=32 op=1 msgID=2 result=0 s_conn=980 s_msgid=41 etime=426 authzDN=cn=Directory Manager,cn=Root DNs,cn=config nentries=1 s_authdn=cn=administrator,cn=users,dc=oracle,dc=local
[17/Aug/2016:17:36:47 +0000] SEARCH PROXY_RES conn=32 op=1 msgID=2 result=0 s_conn=981 s_msgid=41 etime=506 authzDN=cn=Directory Manager,cn=Root DNs,cn=config nentries=1 s_authdn=cn=administrator,cn=users,dc=oracle,dc=local
[17/Aug/2016:17:36:47 +0000] SEARCH PROXY_REQ conn=32 op=1 msgID=2 s_conn=981 scope="base" s_msgid=42 base="CN=testgroup2,CN=Users,DC=oracle,DC=local" s_credmode=use-specific-identity filter="(objectClass=*)"
[17/Aug/2016:17:36:47 +0000] SEARCH PROXY_REQ conn=32 op=1 msgID=2 s_conn=980 scope="base" s_msgid=42 base="CN=testgroup2,CN=Users,DC=oracle,DC=local" s_credmode=use-specific-identity filter="(objectClass=*)"
[17/Aug/2016:17:36:47 +0000] SEARCH PROXY_REQ conn=32 op=1 msgID=2 s_conn=979 scope="base" s_msgid=41 base="CN=testgroup2,CN=Users,DC=oracle,DC=local" s_credmode=use-specific-identity filter="(objectClass=*)"
[17/Aug/2016:17:36:47 +0000] SEARCH PROXY_REQ conn=32 op=1 msgID=2 s_conn=978 scope="base" s_msgid=41 base="CN=testgroup2,CN=Users,DC=oracle,DC=local" s_credmode=use-specific-identity filter="(objectClass=*)"
[17/Aug/2016:17:36:48 +0000] SEARCH PROXY_REQ conn=32 op=1 msgID=2 s_conn=977 scope="base" s_msgid=40 base="CN=testgroup2,CN=Users,DC=oracle,DC=local" s_credmode=use-specific-identity filter="(objectClass=*)"
[17/Aug/2016:17:36:48 +0000] SEARCH PROXY_REQ conn=32 op=1 msgID=2 s_conn=976 scope="base" s_msgid=40 base="CN=testgroup2,CN=Users,DC=oracle,DC=local" s_credmode=use-specific-identity filter="(objectClass=*)"
[17/Aug/2016:17:36:48 +0000] SEARCH PROXY_RES conn=32 op=1 msgID=2 result=0 s_conn=976 s_msgid=40 etime=74 authzDN=cn=Directory Manager,cn=Root DNs,cn=config nentries=1 s_authdn=cn=administrator,cn=users,dc=oracle,dc=local
[17/Aug/2016:17:36:48 +0000] SEARCH PROXY_RES conn=32 op=1 msgID=2 result=0 s_conn=977 s_msgid=40 etime=150 authzDN=cn=Directory Manager,cn=Root DNs,cn=config nentries=1 s_authdn=cn=administrator,cn=users,dc=oracle,dc=local
[17/Aug/2016:17:36:48 +0000] SEARCH PROXY_RES conn=32 op=1 msgID=2 result=0 s_conn=978 s_msgid=41 etime=235 authzDN=cn=Directory Manager,cn=Root DNs,cn=config nentries=1 s_authdn=cn=administrator,cn=users,dc=oracle,dc=local
[17/Aug/2016:17:36:48 +0000] SEARCH PROXY_RES conn=32 op=1 msgID=2 result=0 s_conn=979 s_msgid=41 etime=320 authzDN=cn=Directory Manager,cn=Root DNs,cn=config nentries=1 s_authdn=cn=administrator,cn=users,dc=oracle,dc=local
[17/Aug/2016:17:36:48 +0000] SEARCH PROXY_RES conn=32 op=1 msgID=2 result=0 s_conn=980 s_msgid=42 etime=400 authzDN=cn=Directory Manager,cn=Root DNs,cn=config nentries=1 s_authdn=cn=administrator,cn=users,dc=oracle,dc=local
[17/Aug/2016:17:36:48 +0000] SEARCH PROXY_RES conn=32 op=1 msgID=2 result=0 s_conn=981 s_msgid=42 etime=489 authzDN=cn=Directory Manager,cn=Root DNs,cn=config nentries=1 s_authdn=cn=administrator,cn=users,dc=oracle,dc=local
[17/Aug/2016:17:36:48 +0000] SEARCH PROXY_RES conn=32 op=1 msgID=2 result=0 s_conn=982 s_msgid=49 etime=1108 authzDN=cn=Directory Manager,cn=Root DNs,cn=config nentries=2 s_authdn=cn=administrator,cn=users,dc=oracle,dc=local
[17/Aug/2016:17:36:48 +0000] SEARCH RES conn=32 op=1 msgID=2 result=0 nentries=2 etime=1108
[17/Aug/2016:17:36:48 +0000] UNBIND REQ conn=32 op=2 msgID=3
[17/Aug/2016:17:36:48 +0000] DISCONNECT conn=32 reason="Client Disconnect"

 

Changes

 

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms