OK, I enabled debug in the nss cache and am getting this:
(Tue Apr 28 10:11:59 2015) [sssd[nss]] [nss_cmd_getbyid] (0x0400): Running command [18] with id [-1].
(Tue Apr 28 10:11:59 2015) [sssd[nss]] [nss_cmd_getbyid] (0x0400): Uid [4294967295] does not exist! (negative cache)
(Tue Apr 28 10:11:59 2015) [sssd[nss]] [nss_cmd_getbyid] (0x0400): Running command [18] with id [-1].
(Tue Apr 28 10:11:59 2015) [sssd[nss]] [nss_cmd_getbyid] (0x0400): Uid [4294967295] does not exist! (negative cache)
(Tue Apr 28 10:11:59 2015) [sssd[nss]] [nss_cmd_getbyid] (0x0400): Running command [18] with id [-1].
(Tue Apr 28 10:11:59 2015) [sssd[nss]] [nss_cmd_getbyid] (0x0400): Uid [4294967295] does not exist! (negative cache)
(Tue Apr 28 10:11:59 2015) [sssd[nss]] [nss_cmd_getbyid] (0x0400): Running command [18] with id [-1].
(Tue Apr 28 10:11:59 2015) [sssd[nss]] [nss_cmd_getbyid] (0x0400): Uid [4294967295] does not exist! (negative cache)
(Tue Apr 28 10:11:59 2015) [sssd[nss]] [nss_cmd_getbyid] (0x0400): Running command [18] with id [-1].
From: Majid Khan majidkhan59@yahoo.com
To: End-user discussions about the System Security Services Daemon sssd-users@lists.fedorahosted.org
Sent: Tuesday, April 28, 2015 2:10 PM
Subject: Re: [SSSD-users] uidNumber=4294967295 is being appearing in the log frequently
Thanks Jakub for the reply. I did that but couldn't get anything useful, only the following lines:
(Tue Apr 28 10:04:00 2015) [sssd] [service_send_ping] (0x0100): Pinging default
(Tue Apr 28 10:04:00 2015) [sssd] [sbus_add_timeout] (0x2000): 0x62e0a0
(Tue Apr 28 10:04:00 2015) [sssd] [service_send_ping] (0x0100): Pinging nss
(Tue Apr 28 10:04:00 2015) [sssd] [sbus_add_timeout] (0x2000): 0x62e4a0
(Tue Apr 28 10:04:00 2015) [sssd] [service_send_ping] (0x0100): Pinging pam
(Tue Apr 28 10:04:00 2015) [sssd] [sbus_add_timeout] (0x2000): 0x62a280
(Tue Apr 28 10:04:00 2015) [sssd] [sbus_remove_timeout] (0x2000): 0x62e0a0
(Tue Apr 28 10:04:00 2015) [sssd] [sbus_dispatch] (0x4000): dbus conn: 0x626730
(Tue Apr 28 10:04:00 2015) [sssd] [sbus_dispatch] (0x4000): Dispatching.
(Tue Apr 28 10:04:00 2015) [sssd] [ping_check] (0x0100): Service default replied to ping
(Tue Apr 28 10:04:00 2015) [sssd] [sbus_remove_timeout] (0x2000): 0x62e4a0
(Tue Apr 28 10:04:00 2015) [sssd] [sbus_dispatch] (0x4000): dbus conn: 0x62bb50
(Tue Apr 28 10:04:00 2015) [sssd] [sbus_dispatch] (0x4000): Dispatching.
(Tue Apr 28 10:04:00 2015) [sssd] [ping_check] (0x0100): Service nss replied to ping
(Tue Apr 28 10:04:00 2015) [sssd] [sbus_remove_timeout] (0x2000): 0x62a280
(Tue Apr 28 10:04:00 2015) [sssd] [sbus_dispatch] (0x4000): dbus conn: 0x62ac10
(Tue Apr 28 10:04:00 2015) [sssd] [sbus_dispatch] (0x4000): Dispatching.
(Tue Apr 28 10:04:00 2015) [sssd] [ping_check] (0x0100): Service pam replied to ping
I do have nfsnobody but the id is different and I am already filtering that user in the sssd.conf:
[daemon@a sssd]# id nfsnobody
uid=65534(nfsnobody) gid=65534(nfsnobody) groups=65534(nfsnobody)
sssd.conf:
[sssd]
config_file_version = 2
services = nss, pam
domains = default
debug_level = 9

[nss]
filter_users = abrt,avahi,adm,bin,daemon,dbus,disk,exim,ftp,games,gopher,haldaemon,halt,lp,ldap,mail,mysql,named,news,nfsnobody,nobody,nscd,ntp,operator,oprofile,qpidd,radiusd,root,rpc,rpcuser,saslauth,shutdown,sshd,sys,sync,tty,tcpdump,uucp,vcsa
filter_groups = abrt,avahi,adm,bin,daemon,dbus,disk,exim,ftp,games,gopher,haldaemon,halt,lp,ldap,mail,mysql,named,news,nfsnobody,nobody,nscd,ntp,operator,oprofile,qpidd,radiusd,root,rpc,rpcuser,saslauth,shutdown,sshd,sys,sync,tty,tcpdump,uucp,vcsa

[pam]

[domain/default]
ldap_tls_reqcert = never
auth_provider = ldap
id_provider = ldap
ldap_search_base = dc=example,dc=com
ldap_uri = ldaps://ldap1.example.com/
ldap_id_use_start_tls = TRUE
ldap_tls_cacertdir = /etc/openldap/cacerts
Any other tip to fix it?
Best regards,
From: Jakub Hrozek jhrozek@redhat.com
To: sssd-users@lists.fedorahosted.org
Sent: Tuesday, April 28, 2015 1:00 PM
Subject: Re: [SSSD-users] uidNumber=4294967295 is being appearing in the log frequently
On Tue, Apr 28, 2015 at 08:52:32AM +0000, Majid Khan wrote:
Hi,
I am getting the following from some of the client machines. I'm not sure why some of them are sending this info; otherwise my authentication and login are all working fine, but I'm concerned about why it's happening, and my log is full of the following kind of message:
Apr 28 05:58:44 server1 slapd[23003]: conn=5235 op=22 SRCH base="dc=example,dc=com" scope=2 deref=0 filter="(&(uidNumber=4294967295)(objectClass=posixAccount)(uid=*)(&(uidNumber=*)(!(uidNumber=0))))"
Apr 28 05:58:44 server1 slapd[23003]: conn=5235 op=22 SRCH attr=objectClass uid userPassword uidNumber gidNumber gecos homeDirectory loginShell krbPrincipalName cn modifyTimestamp modifyTimestamp shadowLastChange shadowMin shadowMax shadowWarning shadowInactive shadowExpire shadowFlag krbLastPwdChange krbPasswordExpiration pwdAttribute authorizedService accountExpires userAccountControl nsAccountLock host loginDisabled loginExpirationTime loginAllowedTimeMap
Server info: CentOS release 6.6
LDAP version: openldap-2.4.40
Client info: CentOS release 6.2
Client using SSSD: sssd-1.11.6 (installed through yum)
You need to enable SSSD logging (NSS responder in particular) to see which client requested this UID: https://fedorahosted.org/sssd/wiki/Troubleshooting
I suspect it's something like the nfsnobody user.
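
Added example (not part of the original thread or of SSSD): 4294967295 is 2^32 - 1, the value -1 takes as an unsigned 32-bit id, which is why the NSS responder log above pairs `id [-1]` with `Uid [4294967295]`. The sketch below tallies by-id requests from log lines in that format and checks whether they account for the uidNumber seen in the slapd search; the function names and the last sample line are assumptions made for illustration.

```python
import re
from collections import Counter

# Constructed sample in the format of the NSS responder lines quoted in the thread;
# the final line (id 1001) is invented to show an ordinary lookup for contrast.
SSSD_NSS_LOG = """\
(Tue Apr 28 10:11:59 2015) [sssd[nss]] [nss_cmd_getbyid] (0x0400): Running command [18] with id [-1].
(Tue Apr 28 10:11:59 2015) [sssd[nss]] [nss_cmd_getbyid] (0x0400): Uid [4294967295] does not exist! (negative cache)
(Tue Apr 28 10:11:59 2015) [sssd[nss]] [nss_cmd_getbyid] (0x0400): Running command [18] with id [-1].
(Tue Apr 28 10:11:59 2015) [sssd[nss]] [nss_cmd_getbyid] (0x0400): Uid [4294967295] does not exist! (negative cache)
(Tue Apr 28 10:12:03 2015) [sssd[nss]] [nss_cmd_getbyid] (0x0400): Running command [18] with id [1001].
"""
# slapd search line as quoted in the thread.
SLAPD_LINE = ('Apr 28 05:58:44 server1 slapd[23003]: conn=5235 op=22 SRCH '
              'base="dc=example,dc=com" scope=2 deref=0 filter="(&(uidNumber=4294967295)'
              '(objectClass=posixAccount)(uid=*)(&(uidNumber=*)(!(uidNumber=0))))"')

REQ = re.compile(r"\[nss_cmd_getbyid\].*Running command \[(\d+)\] with id \[(-?\d+)\]")
NEG = re.compile(r"\[nss_cmd_getbyid\].*Uid \[(\d+)\] does not exist! \(negative cache\)")
FILTER_UID = re.compile(r"\(uidNumber=(\d+)\)")

def as_uid32(value):
    """Map a signed id to its unsigned 32-bit form (-1 -> 4294967295)."""
    return value & 0xFFFFFFFF

def summarize(log_text):
    """Count by-id requests and negative-cache answers, keyed by unsigned uid."""
    requests, negative = Counter(), Counter()
    for line in log_text.splitlines():
        if m := REQ.search(line):
            requests[as_uid32(int(m.group(2)))] += 1
        elif m := NEG.search(line):
            negative[int(m.group(1))] += 1
    return requests, negative

def slapd_uid(line):
    """Return the first numeric uidNumber in a slapd SRCH filter, or None."""
    m = FILTER_UID.search(line)
    return int(m.group(1)) if m else None

def explains_slapd_search(log_text, slapd_line):
    """True when the uidNumber slapd was asked for matches a by-id request in the SSSD log."""
    requests, _ = summarize(log_text)
    return slapd_uid(slapd_line) in requests

if __name__ == "__main__":
    requests, negative = summarize(SSSD_NSS_LOG)
    for uid, count in requests.most_common():
        note = " <- id -1 as unsigned 32-bit" if uid == 0xFFFFFFFF else ""
        print(f"uid {uid}: {count} requests, {negative[uid]} negative-cache answers{note}")
```
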