When the cached LDAP information expires Nexus Repo will make a query to the LDAP server to retrieve that user's LDAP groups. If there are large numbers of requests coming into Nexus Repo for that user at the time this happens it will result in multiple, concurrent requests to the LDAP server to retreive the user's LDAP groups, all of which are making the exact same query.
This can overwhelm some LDAP servers, leading to authentication failures. In some cases all the threads available to the NXRM process will be consumed, resulting in NXRM instability and un-responsiveness.
We should consider adding a queuing mechanism to the LDAP code. Identical requests that trigger cache repopulation should queue up and wait if there is already another request running to retreive this information.