Bug 56112 – Group membership cache always reads LDAP from primary server

Bug 56112 - Group membership cache always reads LDAP from primary server


Summary:	Group membership cache always reads LDAP from primary server

Status:	NEW

Product:	UCS
Classification:	Unclassified
Component:	LDAP
Version:	UCS 5.0
Hardware:	Other Linux

Importance:	P5 normal (vote)
Target Milestone:	---
Assigned To:	UCS maintainers
QA Contact:	UCS maintainers

URL:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2023-06-02 10:51 CEST by Julia Bremer
Modified:	2023-06-09 15:30 CEST (History)
CC List:	2 users (show)

See Also:
What kind of report is it?:	Bug Report
What type of bug is this?:	2: Improvement: Would be a product improvement
Who will be affected by this bug?:	2: Will only affect a few installed domains
How will those affected feel about the bug?:	2: A Pain – users won’t like this once they notice it
User Pain:	0.046
Enterprise Customer affected?:	Yes
School Customer affected?:	Yes
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:	2023052621000404
Bug group (optional):	Large environments, UCS Performance
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Julia Bremer

2023-06-02 10:51:29 CEST

The univention-group-membership cache has been created to improve performance 
and has been integrated into the portal. 

Since the univention-ldap-cache uses getMachineConnection to read from LDAP, it uses the primary server as default, which is not needed for the cache, as it is read only. 

This can result in very high load for the slapd on the primary server as discovered on customer systems.