Novell Home

My Favorites

Close

Please to see your favorites.

HP-UX: audisp calls made by NetIQ UNIX Agent can cause excess cpu use in LDAP environments

This document (7007510) is provided subject to the disclaimer at the end of this document.

Environment

  • HP-UX
  • HP-UX LDAP Authentication
  • NetIQ Security Manager
  • NetIQ UNIX Agent

Situation

The NetIQ UNIX Agent runs frequent instances of the auditsp command to record system auditing information. Running auditsp on HP-UX systems using LDAP authentication results in increased load on LDAP servers due to HP-UX remote UID/GUID translation.

Resolution

Install patch PHCO_42672 from Hewlett Packard.

Cause

  • PHCO_42672: (QX:QXCR1001142965)
    Audit display command (audisp) utilizes more CPU since it contacts LDAP server for every new user record to display, and had a poor search logic that was resulting in a cumbersome extensive search in larger LDAP implementations.

    This problem is fixed by constructing a table with the required user information, and use them instead of contacting LDAP server for every instance to fetch the user information

Additional Information

You will need an active support agreement with HP to access HP-UX patch PHCO_42672.

Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7007510
  • Creation Date:22-MAY-12
  • Modified Date:22-MAY-12
    • NetIQSecurity Manager

Did this document solve your problem? Provide Feedback