Identity Applications tracks and clears all the LDAP sockets and references at the specified interval. By default, this interval is set to 60 minutes. A simple user search will not take time. When too many LDAP requests are handled, CPU utilization and memory usage of the system increases leading to performance issues. In this case, you might need to decrease the LDAP socket cleanup interval manually. A small interval cleans the memory regularly and decreases the memory footprint of the process. Otherwise, the socket objects remain in the memory and cause out of memory issues.
To decrease the LDAP socket cleanup interval:
Open the ism-configuration.properties file that is located at:
Linux: /opt/netiq/idm/apps/tomcat/conf/
Windows: C:\NetIQ\idm\apps\tomcat\conf
Set the com.novell.idm.ldap.socket.cleanup.interval property to 10 minutes.
For example,
com.novell.idm.ldap.socket.cleanup.interval=10
Restart the Identity Applications service.
systemctl restart netiq-tomcat.service