An internal error in the method that cached ipaconfig settings caused the results not to be cached. Consequently, a search for limits stored in LDAP was unintentionally together with every LDAP search operation, and the search operations were thus duplicated. This update fixes the comparison of LDAP connections, and limits are downloaded from LDAP only once for each connection.
Verified.
IPA server version::
ipa-server-4.2.0-15.el7_2.2.x86_64
Steps to verify ::
1. Fresh install ipa-server
2. Add IPA user
3. tail DS access log, usually found /var/log/dirsrv/slapd-<INSTANCE>/access
4. perform operations like 'ipa user-show', 'ipa user-find' and
5. Grep for string in DS access log
{{
"SRCH base="cn=ipaconfig,cn=etc,dc=example.com" scope=0 filter="(objectClass=*)" attrs=ALL"
}}
6. Note that this string should appear once for each request / connection of ipa command.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.
https://rhn.redhat.com/errata/RHBA-2015-2562.html