Thanks Howard.

Best regards,


From: Howard Chu <hyc@symas.com>
To: Majid Khan <majidkhan59@yahoo.com>; "openldap-technical@openldap.org" <openldap-technical@openldap.org>
Sent: Tuesday, April 28, 2015 12:35 PM
Subject: Re: uidNumber=4294967295 is being appearing in the log frequently

Majid Khan wrote:
> Dear Techies,
>
> I'm not sure if this is the right forum to discuss this but I am getting
> the following from some of the clients machine I'm not sure why some of
> them sending this info otherwise my authentication and login all is
> working fine but I'm concern why its happening and my log is full of the
> following kind of message:
>
> If this is not the right forum then I apologies and please direct me to
> that right group:

Since the query is coming from SSSD, you should be asking in a forum for
SSSD support. This has nothing to do with OpenLDAP.

For the record, this is a pretty stupidly constructed LDAP search
filter. Their LDAP support appears to be pretty clunky.



>
> Apr 28 05:58:44 server1 slapd[23003]: conn=5235 op=22 SRCH
> base="dc=example,dc=com" scope=2 deref=0
> filter="(&(uidNumber=4294967295)(objectClass=posixAccount)(uid=*)(&(uidNumber=*)(!(uidNumber=0))))"
> Apr 28 05:58:44 server1 slapd[23003]: conn=5235 op=22 SRCH
> attr=objectClass uid userPassword uidNumber gidNumber gecos
> homeDirectory loginShell krbPrincipalName cn modifyTimestamp
> modifyTimestamp shadowLastChange shadowMin shadowMax shadowWarning
> shadowInactive shadowExpire shadowFlag krbLastPwdChange
> krbPasswordExpiration pwdAttribute authorizedService accountExpires
> userAccountControl nsAccountLock host loginDisabled loginExpirationTime
> loginAllowedTimeMap
>
> Server info: CentOS release 6.6
> LDAP version: openldap-2.4.40
>
> Client info: CentOS release 6.2
> Client using SSSD: sssd-1.11.6


--
  -- Howard Chu
  CTO, Symas Corp.          http://www.symas.com
  Director, Highland Sun    http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/