Environment
Novell Open Enterprise Server 11 SP1 (OES11SP1)
Domain Services for Windows
DSfW
eDirectory 8.8.7.4
NMAS
Domain Services for Windows
DSfW
eDirectory 8.8.7.4
NMAS
Situation
DSfW: ndsd coring in ber_put_seqorset on DSFW server
All DSfW servers core about the same time
#0 0x00007fbdaaf4f2c5 in ber_put_seqorset (ber=0x3b0e3a80) at /usr/src/debug/novell-NDSbase-8.8.7.4/nldap-8.8.7.4/ber/berencode.cpp:515
#1 0x00007fbdaaf4ff6e in ber_common_printf (ber=0x3b0e3a80, fmt=0x7fbdab02fdae "]", ap=0x7fbd97a736f0) at /usr/src/debug/novell-NDSbase-8.8.7.4/nldap-8.8.7.4/ber/berencode.cpp:758
#2 0x00007fbdaaf500e2 in ber_printf (ber=0x3b0e3a80, fmt=0x7fbdab02fdae "]") at /usr/src/debug/novell-NDSbase-8.8.7.4/nldap-8.8.7.4/ber/berencode.cpp:662
#3 0x00007fbdaaf77ef2 in put_filter (ber=0x3b0e3a80, str_in=0x34483f80 "(samAccountName=My user name :) )")
All DSfW servers core about the same time
#0 0x00007fbdaaf4f2c5 in ber_put_seqorset (ber=0x3b0e3a80) at /usr/src/debug/novell-NDSbase-8.8.7.4/nldap-8.8.7.4/ber/berencode.cpp:515
#1 0x00007fbdaaf4ff6e in ber_common_printf (ber=0x3b0e3a80, fmt=0x7fbdab02fdae "]", ap=0x7fbd97a736f0) at /usr/src/debug/novell-NDSbase-8.8.7.4/nldap-8.8.7.4/ber/berencode.cpp:758
#2 0x00007fbdaaf500e2 in ber_printf (ber=0x3b0e3a80, fmt=0x7fbdab02fdae "]") at /usr/src/debug/novell-NDSbase-8.8.7.4/nldap-8.8.7.4/ber/berencode.cpp:662
#3 0x00007fbdaaf77ef2 in put_filter (ber=0x3b0e3a80, str_in=0x34483f80 "(samAccountName=My user name :) )")
Resolution
Apply the November 2013 Maintenance Patch
Cause
Root cause:
The User Name component of the NetLogon request filter was used for an internal search without appropriate escape sequences.
Note:
If the User Name component contains '(' or ')' the internal search request is suppressed. This is fine as samAccountName can't have '(' and ')' characters anyways.
The User Name component of the NetLogon request filter was used for an internal search without appropriate escape sequences.
Note:
If the User Name component contains '(' or ')' the internal search request is suppressed. This is fine as samAccountName can't have '(' and ')' characters anyways.