PQ68115: ASSIGNING A USER TO A ROLE TAKES 15-20 MINUTES | |||||||||||||||||||||||||||||||||||||||
![]() |
|||||||||||||||||||||||||||||||||||||||
![]() APAR status Closed as program error. Error description Security is enabled and LocalOS is used for authentication. The server is part of an NT domain. Customer isn't certain of the number of users in the domain, but estimates it at several thousand. When assigning a user to a role, it takes 15-20 minutes to complete. However, once added, authentication for the user completes quickly. Customer has a trace taken during the assingment process and will send it to weblev2. He will also include the number of users in the domain registry.Local fix Problem summary **************************************************************** * USERS AFFECTED: All WebSphere Application Server users who * * have enabled security and are LocalOS on * * NT or Windows 2000 operating systems. * **************************************************************** * PROBLEM DESCRIPTION: Assigning users to a role can take an * * excessive amount of time if the number * * of users defined on the system is * * large. * **************************************************************** * RECOMMENDATION: * **************************************************************** Assigning users to a role can take an excessive amount of time if the number of users defined on the system is large. The reported example took 15-20 minutes per user with 3000 users on the system which were defined on a remote Domain Controller.Problem conclusion The problem was that the buffer size specified to get user information as well as group information from NT Registry using NT's APIs was very small(1024 bytes). Increasing the buffer size to a value of 32768 bytes, resolved the issue as it reduced the number of API calls needed to get all users. these API calls were taking an excessive amount of time as it was to a remote Domain Controller.Temporary fix The customer has verified that the given fix (NTRegistry.dll) has solved the performance problem. Now the performance with respect to "assigning a user to a role" is very good.Comments
APAR is sysrouted FROM one or more of the following: APAR is sysrouted TO one or more of the following: Modules/Macros
SRLS
|
Document Information |
Product categories: Software > Application Servers >
Distributed Application & Web Servers > WebSphere Application
Server > General
Operating system(s):
Software version: 400
Software edition:
Reference #: PQ68115
IBM Group: Software Group
Modified date: Dec 12, 2002
(C) Copyright IBM Corporation 2000, 2006. All Rights Reserved.