RSS feed

nslcd debug log shows query for passwd=-1

[Date Prev][Date Next] [Thread Prev][Thread Next]

nslcd debug log shows query for passwd=-1


I've setup ldap for passwd entry in /etc/nsswitch.conf. (The passwd row is: passwd files ldap). I see the following log when I run nslcd in debug mode:

"nslcd: [8b4567] <passwd=-1> DEBUG: myldap_search(base="DC=XXX,DC=XXX,DC=XXX,DC=XXX", filter="(&(objectClass=posixAccount)(uidNumber=-1))")
nslcd: [8b4567] <passwd=-1> DEBUG: ldap_initialize(ldaps://XXX)
nslcd: [8b4567] <passwd=-1> DEBUG: ldap_set_rebind_proc()
nslcd: [8b4567] <passwd=-1> DEBUG: ldap_set_option(LDAP_OPT_PROTOCOL_VERSION,3)
nslcd: [8b4567] <passwd=-1> DEBUG: ldap_set_option(LDAP_OPT_DEREF,0)
nslcd: [8b4567] <passwd=-1> DEBUG: ldap_set_option(LDAP_OPT_TIMELIMIT,0)
nslcd: [8b4567] <passwd=-1> DEBUG: ldap_set_option(LDAP_OPT_TIMEOUT,0)
nslcd: [8b4567] <passwd=-1> DEBUG: ldap_set_option(LDAP_OPT_NETWORK_TIMEOUT,0)
nslcd: [8b4567] <passwd=-1> DEBUG: ldap_set_option(LDAP_OPT_REFERRALS,LDAP_OPT_ON)
nslcd: [8b4567] <passwd=-1> DEBUG: ldap_set_option(LDAP_OPT_RESTART,LDAP_OPT_ON)
nslcd: [8b4567] <passwd=-1> DEBUG: ldap_set_option(LDAP_OPT_X_TLS,LDAP_OPT_X_TLS_HARD)
nslcd: [8b4567] <passwd=-1> DEBUG: ldap_simple_bind_s("XXX","***") (uri="ldaps://XXX")
nslcd: [8b4567] <passwd=-1> DEBUG: ldap_result(): end of results (0 total)"

My question is what does <passwd=-1> mean? It is trying to query ldap server for a user with uid=-1. It seems that it can't find the user with uid=-1 in local /etc/passwd file so it is trying to query ldap. But how can an user ends up with a uid=-1, can I configure nss to not query ldap if uid=-1?

To unsubscribe send an email to or see