Environment
- HP-UX
- HP-UX LDAP Authentication
- NetIQ Security Manager
- NetIQ UNIX Agent
Situation
The NetIQ UNIX Agent runs frequent instances of the auditsp command to record system auditing information. Running auditsp on HP-UX systems using LDAP authentication results in increased load on LDAP servers due to HP-UX remote UID/GUID translation.
Resolution
Install patch PHCO_42672 from Hewlett Packard.
Cause
- PHCO_42672: (QX:QXCR1001142965)
Audit display command (audisp) utilizes more CPU since it contacts LDAP server for every new user record to display, and had a poor search logic that was resulting in a cumbersome extensive search in larger LDAP implementations.
This problem is fixed by constructing a table with the required user information, and use them instead of contacting LDAP server for every instance to fetch the user information
Additional Information
You will need an active support agreement with HP to access HP-UX patch PHCO_42672.