Description:

Running LDAP Premium feature Enable Auto Logout causes indefinite 60 - 85 % CPU load.

This issue is a stub where I'll add anything I can find about it. It may be that the cause is simply badly refined LDAP attributes, as the defaults for advanced sync are *,+ meaning it combs through everything for every account.

Steps to reproduce:

1. Follow CPU load of RC processes on the server.
2. Enable Admin -> Settings -> LDAP -> Premium -> Auto Logout Deactivated Users -> Enable Auto Logout.
3. Default setting is 5 minutes. Increase this to a very long time such as 3600 minutes (60 hours). Save the settings.
4. Disable auto logout. Save.
5. Enable auto logout. Save.

Expected behavior:

Auto logout triggers once. After the state of all users have been combed through excess CPU load should end until the next interval.

Actual behavior:

The excess CPU load continues indefinitely.

Disabling the auto logout feature immediately stops the load.

Server Setup Information:

• Version of Rocket.Chat Server: 6.8.0
• Operating System: RHEL8
• Deployment Method: tar
• Number of Running Instances: 4
• DB Replicaset Oplog: Yes
• NodeJS Version: 14.21.3
• MongoDB Version: 5.0

Additional context

Might be triggered only with several hundreds of accounts in LDAP.

Relevant logs:

No actual errors hits the eye in DEBUG level rocketchat service log.

After additional testing with 12 required attributes per account, the problem remains; auto logout deactivated users feature is either constantly polling regardless of the auto logout internal value and choice of the attribute set, or it is just running awol on its own.

FYI: @pierre-lehnen-rc

Seeing this also. Disabled this option for now

Can confirm this.

I think there is some issue in general with the ldap background tasks.

After upgrading to 6.9 yesterday it's not longer the "Enable Auto Logout" background job which causes the load. Now it's the "Avatar Background Sync". At least in our instance. After disabling it, the load tends to be 0.