Dear Techies, I'm not sure if this is the right forum to discuss this but I am getting the following from some of the clients machine I'm not sure why some of them sending this info otherwise my authentication and login all is working fine but I'm concern why its happening and my log is full of the following kind of message:
If this is not the right forum then I apologies and please direct me to that right group:
Apr 28 05:58:44 server1 slapd[23003]: conn=5235 op=22 SRCH base="dc=example,dc=com" scope=2 deref=0 filter="(&(uidNumber=4294967295)(objectClass=posixAccount)(uid=*)(&(uidNumber=*)(!(uidNumber=0))))"Apr 28 05:58:44 server1 slapd[23003]: conn=5235 op=22 SRCH attr=objectClass uid userPassword uidNumber gidNumber gecos homeDirectory loginShell krbPrincipalName cn modifyTimestamp modifyTimestamp shadowLastChange shadowMin shadowMax shadowWarning shadowInactive shadowExpire shadowFlag krbLastPwdChange krbPasswordExpiration pwdAttribute authorizedService accountExpires userAccountControl nsAccountLock host loginDisabled loginExpirationTime loginAllowedTimeMap Server info: CentOS release 6.6LDAP version: openldap-2.4.40 Client info: CentOS release 6.2Client using SSSD: sssd-1.11.6 Thanks. Best regards, Majid.
Majid Khan wrote:
Dear Techies,
I'm not sure if this is the right forum to discuss this but I am getting the following from some of the clients machine I'm not sure why some of them sending this info otherwise my authentication and login all is working fine but I'm concern why its happening and my log is full of the following kind of message:
If this is not the right forum then I apologies and please direct me to that right group:
Since the query is coming from SSSD, you should be asking in a forum for SSSD support. This has nothing to do with OpenLDAP.
For the record, this is a pretty stupidly constructed LDAP search filter. Their LDAP support appears to be pretty clunky.
Apr 28 05:58:44 server1 slapd[23003]: conn=5235 op=22 SRCH base="dc=example,dc=com" scope=2 deref=0 filter="(&(uidNumber=4294967295)(objectClass=posixAccount)(uid=*)(&(uidNumber=*)(!(uidNumber=0))))" Apr 28 05:58:44 server1 slapd[23003]: conn=5235 op=22 SRCH attr=objectClass uid userPassword uidNumber gidNumber gecos homeDirectory loginShell krbPrincipalName cn modifyTimestamp modifyTimestamp shadowLastChange shadowMin shadowMax shadowWarning shadowInactive shadowExpire shadowFlag krbLastPwdChange krbPasswordExpiration pwdAttribute authorizedService accountExpires userAccountControl nsAccountLock host loginDisabled loginExpirationTime loginAllowedTimeMap
Server info: CentOS release 6.6 LDAP version: openldap-2.4.40
Client info: CentOS release 6.2 Client using SSSD: sssd-1.11.6
Thanks Howard. Best regards,
From: Howard Chu hyc@symas.com To: Majid Khan majidkhan59@yahoo.com; "openldap-technical@openldap.org" openldap-technical@openldap.org Sent: Tuesday, April 28, 2015 12:35 PM Subject: Re: uidNumber=4294967295 is being appearing in the log frequently
Majid Khan wrote:
Dear Techies,
I'm not sure if this is the right forum to discuss this but I am getting the following from some of the clients machine I'm not sure why some of them sending this info otherwise my authentication and login all is working fine but I'm concern why its happening and my log is full of the following kind of message:
If this is not the right forum then I apologies and please direct me to that right group:
Since the query is coming from SSSD, you should be asking in a forum for SSSD support. This has nothing to do with OpenLDAP.
For the record, this is a pretty stupidly constructed LDAP search filter. Their LDAP support appears to be pretty clunky.
Apr 28 05:58:44 server1 slapd[23003]: conn=5235 op=22 SRCH base="dc=example,dc=com" scope=2 deref=0 filter="(&(uidNumber=4294967295)(objectClass=posixAccount)(uid=*)(&(uidNumber=*)(!(uidNumber=0))))" Apr 28 05:58:44 server1 slapd[23003]: conn=5235 op=22 SRCH attr=objectClass uid userPassword uidNumber gidNumber gecos homeDirectory loginShell krbPrincipalName cn modifyTimestamp modifyTimestamp shadowLastChange shadowMin shadowMax shadowWarning shadowInactive shadowExpire shadowFlag krbLastPwdChange krbPasswordExpiration pwdAttribute authorizedService accountExpires userAccountControl nsAccountLock host loginDisabled loginExpirationTime loginAllowedTimeMap
Server info: CentOS release 6.6 LDAP version: openldap-2.4.40
Client info: CentOS release 6.2 Client using SSSD: sssd-1.11.6
openldap-technical@openldap.org