Excessive LDAP searches from DB2 server's db2sysc processes
Issue
- Several systems found responsible for gigabytes/day of network traffic to backend LDAP servers.
- Load on LDAP servers unexpected as it should only be used for system authN/authZ
- nscd: nss_ldap: failed to bind to LDAP server ldap://adldap: Can't contact LDAP server messages in logs.
Environment
- RHEL 5
- RHEL 4
- IBM DB2 Version 9
- System AuthN & AuthZ centralized in seperate LDAP Directory server.
- DB2 system, admin, and database users / groups all defined locally.
/etc/ldap.conf:
nss_initgroups_ignoreusers db2as,db2fenc1,db2ls001,db2pmi01,db2psrv1,db2rm001,db2wbfrm,db2wmq01,sibqa
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.