My Oracle Support Banner

OUD Performance - How to Prevent a Client from Performing Searches which Result in High Etimes (Doc ID 2216475.1)

Last updated on SEPTEMBER 11, 2023

Applies to:

Oracle Unified Directory - Version and later
Information in this document applies to any platform.


An ldap client is running an ldap search with a complex filter at a regular intervals on a continuous basis.  The search result execution times are high and may lead to a performance issue.  Is there a method in OUD to block these types of LDAP searches?

Details from the OUD access log file are below:
[16/Nov/2016:00:31:00 -0500] CONNECT <......> from=<CLIENT_IP>:<CONN> to=<SERVER_IP>:<PORT> protocol=LDAP
[16/Nov/2016:00:31:00 -0500] BIND REQ <......> op=0 msgID=4 type=SIMPLE dn="cn=<ADMIN>,ou=<ADMIN_ACCTS>,dc=<SUFFIX_DN>" version=3
[16/Nov/2016:00:31:00 -0500] BIND RES <......> op=0 msgID=4 result=0 authDN="cn=<ADMIN>,ou=<ADMIN_ACCTS>,dc=<SUFFIX_DN>" etime=0
[16/Nov/2016:00:31:00 -0500] SEARCH REQ <......> op=1 msgID=5 base="ou=<USERS>,dc=<SUFFIX_DN>" scope=base filter="(|(objectclass=*)(objectclass=ldapsubentry))" attrs="ALL"
[16/Nov/2016:00:31:00 -0500] SEARCH RES <......> op=1 msgID=5 result=0 nentries=1 etime=0
[16/Nov/2016:00:31:00 -0500] SEARCH REQ <......> op=2 msgID=6 base="ou=<USERS>,dc=<SUFFIX_DN>" scope=sub filter="(&(uid=*)(sn=*)(&(objectclass=<CUSTOM_ATTR>)(objectclass=inetorgperson)))" attrs="uid,mail,givenName,cn,sn,<CUST_ATTR-1>,<CUST_ATTR-2>,<CUST_ATTR-3>,<CUST_ATTR-4>,<CUST_ATTR-5>,createTimestamp,ds-pwp-account-disabled,pwdAccountLockedTime,pwdFailureTime"
[16/Nov/2016:00:45:35 -0500] SEARCH RES <......> op=2 msgID=6 result=0 nentries=527046 additionalInfo="Unindexed" etime=874359



To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.