On Tue, Apr 28, 2015 at 08:52:32AM +0000, Majid Khan wrote:
Hi,
I am getting the following from some of the clients machine I'm not sure why some of them sending this info otherwise my authentication and login all is working fine but I'm concern why its happening and my log is full of the following kind of message:
Apr 28 05:58:44 server1 slapd[23003]: conn=5235 op=22 SRCH base="dc=example,dc=com" scope=2 deref=0 filter="(&(uidNumber=4294967295)(objectClass=posixAccount)(uid=*)(&(uidNumber=*)(!(uidNumber=0))))" Apr 28 05:58:44 server1 slapd[23003]: conn=5235 op=22 SRCH attr=objectClass uid userPassword uidNumber gidNumber gecos homeDirectory loginShell krbPrincipalName cn modifyTimestamp modifyTimestamp shadowLastChange shadowMin shadowMax shadowWarning shadowInactive shadowExpire shadowFlag krbLastPwdChange krbPasswordExpiration pwdAttribute authorizedService accountExpires userAccountControl nsAccountLock host loginDisabled loginExpirationTime loginAllowedTimeMap
Server info: CentOS release 6.6 LDAP version: openldap-2.4.40
Client info: CentOS release 6.2 Client using SSSD: sssd-1.11.6 (installed through yum)
You need to enable SSSD logging (NSS responder in particular) to see which client requested this UID: https://fedorahosted.org/sssd/wiki/Troubleshooting
I suspect it's something like the nfsnobody user.