Linux systems are often connected to LDAP via sssd. An sssd process consuming a lot of CPU can be seen in top, as below (e.g. 89.4 % CPU usage):

9020 root 20 0 1296344 466780 333364 R 89.4 0.8 41:20.17 sssd_nss
27227 oracle 20 0 2371676 48320 29732 S 4.3 0.1 27:00.70 oracle

One reason could be the default configuration of /etc/nsswitch.conf:

passwd: db sss files
shadow: db sss files
group: db sss files

With this configuration, sssd_nss is contacted for every user/group lookup for which nothing is found in the local databases, which may result in a looping sssd_nss.

This /etc/nsswitch.conf configuration may help:

passwd: db files sss
shadow: db files sss
group: db files sss

Now the local files are queried first, before sssd is contacted.

It may also help to clear the sssd cache after changing /etc/nsswitch.conf:

systemctl stop sssd
rm -rf /var/lib/sss/db/*
systemctl start sssd
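
To check a host for the ordering described above, the following added example (not part of the original post) reports which of the passwd, shadow and group lines list sss before files. The function name sss_before_files and the sample file are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original post.
# Prints each of passwd/shadow/group whose nsswitch.conf line lists "sss"
# before "files". The path argument is optional (default /etc/nsswitch.conf).
sss_before_files() {
    awk '
        {
            sub(/#.*/, "")        # drop comments
            sub(/:/, ": ")        # tolerate "passwd:sss"; fields are re-split
            if ($1 !~ /^(passwd|shadow|group):$/) next
            s = 0; f = 0
            for (i = 2; i <= NF; i++) {
                if ($i == "sss"   && !s) s = i   # position of first "sss"
                if ($i == "files" && !f) f = i   # position of first "files"
            }
            # Flag the database only when both sources exist and sss comes first.
            if (s && f && s < f) { sub(/:$/, "", $1); print $1 }
        }
    ' "${1:-/etc/nsswitch.conf}"
}

# Constructed sample input (not taken from a real host).
sample=$(mktemp)
cat > "$sample" <<'EOF'
passwd: db sss files
shadow: db files sss
group:  db sss files   # constructed trailing comment
hosts:  files dns
EOF
sss_before_files "$sample"    # prints passwd and group, one per line
rm -f "$sample"
```

Empty output means every checked database already queries files before sss.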

Michael Hein