On Tue, Apr 28, 2015 at 08:52:32AM +0000, Majid Khan wrote:
Hi,
I am getting the following from some of the clients machine I'm not sure why some of
them sending this info otherwise my authentication and login all is working fine but
I'm concern why its happening and my log is full of the following kind of message:
Apr 28 05:58:44 server1 slapd[23003]: conn=5235 op=22 SRCH
base="dc=example,dc=com" scope=2 deref=0
filter="(&(uidNumber=4294967295)(objectClass=posixAccount)(uid=*)(&(uidNumber=*)(!(uidNumber=0))))"
Apr 28 05:58:44 server1 slapd[23003]: conn=5235 op=22 SRCH attr=objectClass uid
userPassword uidNumber gidNumber gecos homeDirectory loginShell krbPrincipalName cn
modifyTimestamp modifyTimestamp shadowLastChange shadowMin shadowMax shadowWarning
shadowInactive shadowExpire shadowFlag krbLastPwdChange krbPasswordExpiration pwdAttribute
authorizedService accountExpires userAccountControl nsAccountLock host loginDisabled
loginExpirationTime loginAllowedTimeMap
Server info: CentOS release 6.6
LDAP version: openldap-2.4.40
Client info: CentOS release 6.2
Client using SSSD: sssd-1.11.6 (installed through yum)
You need to enable SSSD logging (NSS responder in particular) to see which
client requested this UID:
https://fedorahosted.org/sssd/wiki/Troubleshooting
I suspect it's something like the nfsnobody user.