Novell Open Enterprise Server 2 (OES 2) Linux
Symantec AntiVirus 1.0.14-13
- This server held a replica of the entire tree
- Over 30 OES servers used this server for it's LUM preferred-server.
- query for Unix Workstation object (found)
- query for each LUM-enabled group associated to the workstation (found)
- sub-tree query from the base-name in nam.conf for a particular uidNumber (not found)
- do the following for each LUM-enabled group associated to the Unix Workstation object
- base query the group for members
- base query each member to see if they have the specific uidNumber (not found)
The more LUM-enabled groups and users associated to the Unix Workstation, the greater the volume of queries per server.
(note: for a useful ndstrace log, all ldap information needs to be enabled. To quickly set this on a server, run
ldapconfig set "LDAP Screen Level = all".
When prompted for credentials, use ndsd format. For example, admin.novell).
Back tracking, we found that a service created the user with the given uid number. Once we knew that process, we identified there were 2 processes that might call for this uidNumber -- the service and rtvscand. Stopping the service, stopped the queries. However, stopping rtvscand, while letting the original service run, also stopped the queries.
Running ltrace on each service displayed that rtvscand was making a call for the improper uidNumber.