PowerScale: Unfindable UIDs on a Map Lookup UID enabled export could potentially cause load on lsass and lead to NFS performance issues.

There is a rare chance that clients using a local account that do not have a mappable UID on the cluster using an NFS export configured with Map Lookup UID can potentially cause lsass to become overloaded and lead to performance degradation. 

Some signs this may be causing issues would be uid_to_ntoken latency in the lsass statistics with increased ops when running the following command:  

isi statistics protocol list --protocols=lsass_in,lsass_out --nodes=all --sort=timeavg --limit=10

The following errors are seen for different UIDs in the /var/log/lsassd.log: 

[lsass] Failed to map uid 986: Failed to lookup uid 986: (LW_ERROR_NO_SUCH_USER) No such user

The presence of these messages does not mean it is the contributor to a performance issue. Often it is log spam that should still be addressed by following the steps in the Resolution section.
 

There are two possible solutions to make the UIDs findable to stop the unwanted finds. 

1. Make the UIDs findable by adding them to external auth providers.
2. Make local users for the unfindable UIDs on the cluster.

The following code levels include enhancements for the issue:

• 9.2.1: Resolved in PATCH: [9.2.1.24_GA-RUP_2023-09] 
• 9.4.0: Resolved in PATCH: [9.4.0.16_GA-RUP_2023-11] 
• 9.5.0: Resolved in PATCH: [9.5.0.6_LTS2023_GA-RUP] 
• OneFS 9.7 and later versions contain the fix in code.

The messages continue to be logged in /var/log/lsassd.log if there are UIDs that are not findable, but the above code levels address the performance concerns from having unfindable UIDs.