Thanks Howard.
Best regards,
From: Howard Chu <[email protected]>
To: Majid Khan <[email protected]>; "[email protected]"
<[email protected]>
Sent: Tuesday, April 28, 2015 12:35 PM
Subject: Re: uidNumber=4294967295 is being appearing in the log frequently
Majid Khan wrote:
> Dear Techies,
>
> I'm not sure if this is the right forum to discuss this but I am getting
> the following from some of the clients machine I'm not sure why some of
> them sending this info otherwise my authentication and login all is
> working fine but I'm concern why its happening and my log is full of the
> following kind of message:
>
> If this is not the right forum then I apologies and please direct me to
> that right group:
Since the query is coming from SSSD, you should be asking in a forum for
SSSD support. This has nothing to do with OpenLDAP.
For the record, this is a pretty stupidly constructed LDAP search
filter. Their LDAP support appears to be pretty clunky.
>
> Apr 28 05:58:44 server1 slapd[23003]: conn=5235 op=22 SRCH
> base="dc=example,dc=com" scope=2 deref=0
> filter="(&(uidNumber=4294967295)(objectClass=posixAccount)(uid=*)(&(uidNumber=*)(!(uidNumber=0))))"
> Apr 28 05:58:44 server1 slapd[23003]: conn=5235 op=22 SRCH
> attr=objectClass uid userPassword uidNumber gidNumber gecos
> homeDirectory loginShell krbPrincipalName cn modifyTimestamp
> modifyTimestamp shadowLastChange shadowMin shadowMax shadowWarning
> shadowInactive shadowExpire shadowFlag krbLastPwdChange
> krbPasswordExpiration pwdAttribute authorizedService accountExpires
> userAccountControl nsAccountLock host loginDisabled loginExpirationTime
> loginAllowedTimeMap
>
> Server info: CentOS release 6.6
> LDAP version: openldap-2.4.40
>
> Client info: CentOS release 6.2
> Client using SSSD: sssd-1.11.6
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
