000021360 - RSA ClearTrust 5.5.2 suffers significant reduction in performance when checking group-based entitlements against very large groups

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000021360
Applies ToRSA ClearTrust 5.5.2
RSA ClearTrust LDAP Data Adapter
RSA ClearTrust group entitlements
IssueRSA ClearTrust 5.5.2 suffers significant reduction in performance when checking group-based entitlements against very large groups
All users in a group are returned when checking group entitlements
CauseWhen checking group entitlements of a single ClearTrust user, the 5.5.2 Authentication server will retrieve all attributes of the desired group, including the attribute holding the user list.  As a result, all users in the group are returned to the Authentication server.  This causes a significant reduction in performance with large groups.
Resolution
This issue is resolved in hot fix 5.5.2.37 for RSA ClearTrust Servers. Contact RSA Security Customer Support to request this hot fix, or request the latest fix level (which is cumulative, and contains fixes from previous fix levels). Review the provided Readme file for installation instructions.
Legacy Article IDa22638

Attachments

    Outcomes