DB2 Crash or slow performance
Defect 24667. Fixed in 184.108.40.206.* nss: Fix a possible segfault when smartcache is failed over to from an application with more then 1024 files open.
Defect 26341. Fixed in 220.127.116.11. LAM: If called from db2ckpw*, use PAM's try_disauth_first behavior. This should greatly speed up calls to authenticate QAS users through DB2.
Upgrade to 18.104.22.168 or higher with DB2. Please read Authentication Services 4.0.3 Maintenance Release
Use the DB2_NUM_CKPW_DAEMONS registry variable to start a configurable number of check password daemons. The daemons are created during db2start and handle check password requests when the default IBMOSauthserver security plugin is in use. Increasing the setting for DB2_NUM_CKPW_DAEMONS can decrease the time required to establish a database connection, but this is only effective in scenarios where many connections are being made simultaneously and where authentication is expensive.
1 - Edit the pam files and add the try_disauth_first setting
For example, on some versions of Redhat, you would do the following:
1 - cp -p /etc/pam.d/system-auth /etc/pam.d/db2
2 - Then add the try_disauth_first setting to the auth lines with pam_vas in them.
Please note: On other systems the file may have another name: system-auth, pasword-auth or common-auth.
The setting will stop the Active Directory activity except one every 5 minutes per user. As a result of this setting, DB2 will have a performance increase. It will also avoid crashes due to too much processing.
There is more information about this setting in the pam_vas man page