Thanks jakub for the reply, I did that but couldn't get anything useful only the following lines:
(Tue Apr 28 10:04:00 2015) [sssd] [service_send_ping] (0x0100): Pinging default
(Tue Apr 28 10:04:00 2015) [sssd] [sbus_add_timeout] (0x2000): 0x62e0a0
(Tue Apr 28 10:04:00 2015) [sssd] [service_send_ping] (0x0100): Pinging nss
(Tue Apr 28 10:04:00 2015) [sssd] [sbus_add_timeout] (0x2000): 0x62e4a0
(Tue Apr 28 10:04:00 2015) [sssd] [service_send_ping] (0x0100): Pinging pam
(Tue Apr 28 10:04:00 2015) [sssd] [sbus_add_timeout] (0x2000): 0x62a280
(Tue Apr 28 10:04:00 2015) [sssd] [sbus_remove_timeout] (0x2000): 0x62e0a0
(Tue Apr 28 10:04:00 2015) [sssd] [sbus_dispatch] (0x4000): dbus conn: 0x626730
(Tue Apr 28 10:04:00 2015) [sssd] [sbus_dispatch] (0x4000): Dispatching.
(Tue Apr 28 10:04:00 2015) [sssd] [ping_check] (0x0100): Service default replied to ping
(Tue Apr 28 10:04:00 2015) [sssd] [sbus_remove_timeout] (0x2000): 0x62e4a0
(Tue Apr 28 10:04:00 2015) [sssd] [sbus_dispatch] (0x4000): dbus conn: 0x62bb50
(Tue Apr 28 10:04:00 2015) [sssd] [sbus_dispatch] (0x4000): Dispatching.
(Tue Apr 28 10:04:00 2015) [sssd] [ping_check] (0x0100): Service nss replied to ping
(Tue Apr 28 10:04:00 2015) [sssd] [sbus_remove_timeout] (0x2000): 0x62a280
(Tue Apr 28 10:04:00 2015) [sssd] [sbus_dispatch] (0x4000): dbus conn: 0x62ac10
(Tue Apr 28 10:04:00 2015) [sssd] [sbus_dispatch] (0x4000): Dispatching.
(Tue Apr 28 10:04:00 2015) [sssd] [ping_check] (0x0100): Service pam replied to ping
I do have nfsnobody but the id is different and I am already filtering that user in the sssd.conf
[daemon@a sssd]# id nfsnobody
uid=65534(nfsnobody) gid=65534(nfsnobody) groups=65534(nfsnobody)
sssd.conf
[sssd]
config_file_version = 2
services = nss, pam
domains = default
debug_level = 9
[nss]
filter_users = abrt,avahi,adm,bin,daemon,dbus,disk,exim,ftp,games,gopher,haldaemon,halt,lp,ldap,mail,mysql,named,news,nfsnobody,nobody,nscd,ntp,operator,oprofile,qpidd,radiusd,root,rpc,rpcuser,saslauth,shutdown,sshd,sys,sync,tty,tcpdump,uucp,vcsa
filter_groups = abrt,avahi,adm,bin,daemon,dbus,disk,exim,ftp,games,gopher,haldaemon,halt,lp,ldap,mail,mysql,named,news,nfsnobody,nobody,nscd,ntp,operator,oprofile,qpidd,radiusd,root,rpc,rpcuser,saslauth,shutdown,sshd,sys,sync,tty,tcpdump,uucp,vcsa
[pam]
[domain/default]
ldap_tls_reqcert = never
auth_provider = ldap
id_provider = ldap
ldap_search_base = dc=example,dc=com
ldap_uri = ldaps://ldap1.example.com/
ldap_id_use_start_tls = TRUE
ldap_tls_cacertdir = /etc/openldap/cacerts
Any other tip to fix it?
Best regards,
From: Jakub Hrozek <jhrozek@redhat.com>
To: sssd-users@lists.fedorahosted.org
Sent: Tuesday, April 28, 2015 1:00 PM
Subject: Re: [SSSD-users] uidNumber=4294967295 is being appearing in the log frequently
On Tue, Apr 28, 2015 at 08:52:32AM +0000, Majid Khan wrote:
> Hi,
>
> I am getting the following from some of the clients machine I'm not sure why some of them sending this info otherwise my authentication and login all is working fine but I'm concern why its happening and my log is full of the following kind of message:
>
> Apr 28 05:58:44 server1 slapd[23003]: conn=5235 op=22 SRCH base="dc=example,dc=com" scope=2 deref=0 filter="(&(uidNumber=4294967295)(objectClass=posixAccount)(uid=*)(&(uidNumber=*)(!(uidNumber=0))))"
> Apr 28 05:58:44 server1 slapd[23003]: conn=5235 op=22 SRCH attr=objectClass uid userPassword uidNumber gidNumber gecos homeDirectory loginShell krbPrincipalName cn modifyTimestamp modifyTimestamp shadowLastChange shadowMin shadowMax shadowWarning shadowInactive shadowExpire shadowFlag krbLastPwdChange krbPasswordExpiration pwdAttribute authorizedService accountExpires userAccountControl nsAccountLock host loginDisabled loginExpirationTime loginAllowedTimeMap
>
> Server info: CentOS release 6.6
> LDAP version: openldap-2.4.40
>
> Client info: CentOS release 6.2
> Client using SSSD: sssd-1.11.6 (installed through yum)
You need to enable SSSD logging (NSS responder in particular) to see which
client requested this UID:
https://fedorahosted.org/sssd/wiki/TroubleshootingI suspect it's something like the nfsnobody user.
_______________________________________________
sssd-users mailing list
sssd-users@lists.fedorahosted.orghttps://lists.fedorahosted.org/mailman/listinfo/sssd-users