Cybersecurity
DevOps Cloud
IT Operations Cloud
Summary
The roll forward log contains all changes not yet written to disk. It is the checkpoint thread's responsibility to periodically write all these changes to disk. While it is writing no other process can continue. The default is for the process to run every 3 minutes unless it has accumulated 2.5GB of data. If this thread runs longer than 20 seconds clients could begin to timeout.
Products
eDirectory (NetIQ eDirectory)
Situation
There are two ways to find the runtime of the checkpoint thread:
1. Go to the coredb screen: IE., https://x.x.x.x:8030/coredb
Select Statistics – then CPThread: Top
You should now have the Checkpoint Thread information at the top
At this point one can just keep hitting F5 until the checkpoint thread is seen running. Keep refreshing until it stops. If the runtime has gone longer than 20 seconds then that is a red flag. This is the default amount of time java clients will begin to timeout. That said, if it runs too often (less than 100MB in dirty cache) there will be performance issues elsewhere. The default is every 3 minutes so if LDAP responses slow down at that interval – another red flag.
2. Run the following command to extract the data from a cn=monitor search:
LDAPTLS_REQCERT=never ldapsearch -H ldaps://x.x.x.x:636 -D cn=admin,o=novell -w novell -s sub -b cn=CheckPointThreadData,cn=RecordManager,cn=Monitor
NOTE: there is currently a bug open on eDirectory 9.2.7 where this information is not valid.
Resolution:
If it runs for more than 20 seconds set lower the time eDirectory waits to force the checkpoint. This done in the _ndsdb.ini file and requires a restart of NDSD. Place the following line in the file to have it forced every 30 seconds.
cpinterval = 30
NOTE: any lower than this will impact performance.
URL Name
KM000013983