OUD Performance - How to Prevent a Client from Performing Searches which Result in High Etimes
(Doc ID 2216475.1)
Last updated on SEPTEMBER 11, 2023
Applies to:
Oracle Unified Directory - Version 11.1.2.3.0 and laterInformation in this document applies to any platform.
Goal
An ldap client is running an ldap search with a complex filter at a regular intervals on a continuous basis. The search result execution times are high and may lead to a performance issue. Is there a method in OUD to block these types of LDAP searches?
Details from the OUD access log file are below:
----
[16/Nov/2016:00:31:00 -0500] CONNECT <......> from=<CLIENT_IP>:<CONN> to=<SERVER_IP>:<PORT> protocol=LDAP
[16/Nov/2016:00:31:00 -0500] BIND REQ <......> op=0 msgID=4 type=SIMPLE dn="cn=<ADMIN>,ou=<ADMIN_ACCTS>,dc=<SUFFIX_DN>" version=3
[16/Nov/2016:00:31:00 -0500] BIND RES <......> op=0 msgID=4 result=0 authDN="cn=<ADMIN>,ou=<ADMIN_ACCTS>,dc=<SUFFIX_DN>" etime=0
[16/Nov/2016:00:31:00 -0500] SEARCH REQ <......> op=1 msgID=5 base="ou=<USERS>,dc=<SUFFIX_DN>" scope=base filter="(|(objectclass=*)(objectclass=ldapsubentry))" attrs="ALL"
[16/Nov/2016:00:31:00 -0500] SEARCH RES <......> op=1 msgID=5 result=0 nentries=1 etime=0
[16/Nov/2016:00:31:00 -0500] SEARCH REQ <......> op=2 msgID=6 base="ou=<USERS>,dc=<SUFFIX_DN>" scope=sub filter="(&(uid=*)(sn=*)(&(objectclass=<CUSTOM_ATTR>)(objectclass=inetorgperson)))" attrs="uid,mail,givenName,cn,sn,<CUST_ATTR-1>,<CUST_ATTR-2>,<CUST_ATTR-3>,<CUST_ATTR-4>,<CUST_ATTR-5>,createTimestamp,ds-pwp-account-disabled,pwdAccountLockedTime,pwdFailureTime"
..
[16/Nov/2016:00:45:35 -0500] SEARCH RES <......> op=2 msgID=6 result=0 nentries=527046 additionalInfo="Unindexed" etime=874359
================================================================================
Solution
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Goal |
| Solution |
| References |