HP-UX: audisp calls made by NetIQ UNIX Agent can cause excess cpu use in LDAP environments

  • 7007510
  • 22-May-2012
  • 22-May-2012


  • HP-UX
  • HP-UX LDAP Authentication
  • NetIQ Security Manager
  • NetIQ UNIX Agent


The NetIQ UNIX Agent runs frequent instances of the auditsp command to record system auditing information. Running auditsp on HP-UX systems using LDAP authentication results in increased load on LDAP servers due to HP-UX remote UID/GUID translation.


Install patch PHCO_42672 from Hewlett Packard.


  • PHCO_42672: (QX:QXCR1001142965)
    Audit display command (audisp) utilizes more CPU since it contacts LDAP server for every new user record to display, and had a poor search logic that was resulting in a cumbersome extensive search in larger LDAP implementations.

    This problem is fixed by constructing a table with the required user information, and use them instead of contacting LDAP server for every instance to fetch the user information

Additional Information

You will need an active support agreement with HP to access HP-UX patch PHCO_42672.