[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: uidNumber=4294967295 is being appearing in the log frequently



Majid Khan wrote:
Dear Techies,

I'm not sure if this is the right forum to discuss this but I am getting
the following from some of the clients machine I'm not sure why some of
them sending this info otherwise my authentication and login all is
working fine but I'm concern why its happening and my log is full of the
following kind of message:

If this is not the right forum then I apologies and please direct me to
that right group:

Since the query is coming from SSSD, you should be asking in a forum for SSSD support. This has nothing to do with OpenLDAP.

For the record, this is a pretty stupidly constructed LDAP search filter. Their LDAP support appears to be pretty clunky.

Apr 28 05:58:44 server1 slapd[23003]: conn=5235 op=22 SRCH
base="dc=example,dc=com" scope=2 deref=0
filter="(&(uidNumber=4294967295)(objectClass=posixAccount)(uid=*)(&(uidNumber=*)(!(uidNumber=0))))"
Apr 28 05:58:44 server1 slapd[23003]: conn=5235 op=22 SRCH
attr=objectClass uid userPassword uidNumber gidNumber gecos
homeDirectory loginShell krbPrincipalName cn modifyTimestamp
modifyTimestamp shadowLastChange shadowMin shadowMax shadowWarning
shadowInactive shadowExpire shadowFlag krbLastPwdChange
krbPasswordExpiration pwdAttribute authorizedService accountExpires
userAccountControl nsAccountLock host loginDisabled loginExpirationTime
loginAllowedTimeMap

Server info: CentOS release 6.6
LDAP version: openldap-2.4.40

Client info: CentOS release 6.2
Client using SSSD: sssd-1.11.6

--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/