[
https://issues.apache.org/jira/browse/HDFS-9956?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15193620#comment-15193620
]
sanjay kenganahalli vamanna commented on HDFS-9956:
---------------------------------------------------
the default 10 secs is not working and still we are facing the same problem
from past so many days.We dont want to keep the users in static binding and we
dont want to use the unix shell mapping as well.
> LDAP PERFORMANCE ISSUE AND FAIL OVER
> ------------------------------------
>
> Key: HDFS-9956
> URL: https://issues.apache.org/jira/browse/HDFS-9956
> Project: Hadoop HDFS
> Issue Type: Bug
> Reporter: sanjay kenganahalli vamanna
>
> The typical LDAP group name resolution works well under typical scenarios.
> However, we have seen cases where a user is mapped to many groups (in an
> extreme case, a user is mapped to more than 100 groups). The way it's being
> implemented now makes this case super slow resolving groups from
> ActiveDirectory and making the namenode to failover.
> Instead of failover, we can use the
> parameter(ha.zookeeper.session-timeout.ms) in the getgroups method to
> time-out and send the failed response back to the user so that we can prevent
> name node failover.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
