DELL Unity: NAS Server Performs Multiple LDAP Queries Every 5 Minutes

Summary: Network Attached Storage (NAS) runs Lightweight Directory Access Protocol (LDAP) searches every 5 minutes with a one‑level scope per container to verify objects and attributes; alerts only on failure. (User Correctable) ...

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Symptoms

Each Unity NAS server runs an LDAP search, usually with a scope limit of one, on each attribute for each container configured in the ldap.conf at intervals of approximately 5 minutes.

 

Cause

This is working as designed.

A NAS server searches to ensure that each attribute in each container is present on the LDAP server to confirm the configuration of the LDAP service is still valid, and the searches are functioning. With a scope of one, the LDAP server returns one entry. This is part of normal operations on Unity.

Example containers:

nss_base_passwd     cn=Domain Users,ou=Users Location,dc=mydomain,dc=com?one
nss_base_group      cn=Domain Users,ou=Users Location,dc=mydomain,dc=com?one
nss_base_hosts      cn=Computers,dc=mydomain,dc=com?one
nss_base_netgroup   cn=netgroup,cn=mydomain,cn=DefaultMigrationContainer30,dc=mycomain,dc=com?one

The "one" at the end of each line is the scope of the search. If not specified, the default is one. Scope can have these possible values: base, one, sub

In triaged Service Data, files such as:

\spX\cmd_outputs\nas\VDM_YY\_server_config_SVDM_A_-v_YY_ns_ldap_info_verbose_.txt

This shows the LDAP configuration as seen by the NAS server. X represents the SP and YY is the VDM number. The scope of the search is shown in brackets.

 

Resolution

This is working as designed.
See this KB for information about LDAP configuration troubleshooting, ldap.conf file editing, and sample ldap.conf file:
488258: Dell Unity: File : LDAP configuration issues troubleshooting (A Dell Support account is required to view this article)

 

Additional Information

A sample "_server_config_SVDM_A_-v_YY_ns_ldap_info_verbose_.txt" file is shown below:

1555596523: LDAP: 6: LDAP domain:      xxxxxxx.com
1555596523: LDAP: 6: State:            Configured - Connected
1555596523: LDAP: 6: Schema:           Active Directory
1555596523: LDAP: 6: Base dn:          DC=xxxxxxx,DC=com
1555596523: LDAP: 6: Bind dn:          CN=Unity,OU=DataCenter,DC=xxxxxxx,DC=com
1555596523: LDAP: 6: Auto-Discovery:   DNS - TTL: 1200 s - Next refresh in 1002 s
1555596523: LDAP: 6: Configuration:    File: ldap.conf - TTL: 1200 s - Next refresh in 1002 s
1555596523: LDAP: 6: LDAP server #0:   10.xx.xx.xx - Port: 389 - Active
1555596523: LDAP: 6:     SSL:          Not enabled
1555596523: LDAP: 6:     Naming ctx:   (baseDn is ticked)
1555596523: LDAP: 6:                   [x] DC=xxxxxxx,DC=com
1555596523: LDAP: 6:                   [ ] CN=Configuration,DC=xxxxxxx,DC=com
1555596523: LDAP: 6:                   [ ] CN=Schema,CN=Configuration,DC=xxxxxxx,DC=com
1555596523: LDAP: 6:                   [ ] DC=DomainDnsZones,DC=xxxxxxx,DC=com
1555596523: LDAP: 6:                   [ ] DC=ForestDnsZones,DC=xxxxxxx,DC=com
1555596523: LDAP: 6:     Containers:   (no [scope] means ignored, unless parent container with sub scope is valid)
1555596523: LDAP: 6:         Passwd:   Class: User - Attributes: uid, uidNumber, gidNumber, unixUserPassword, unixHomeDirectory
1555596523: LDAP: 6:                   [   ] CN=Computers,DC=xxxxxxx,DC=com
1555596523: LDAP: 6:                   [one] CN=Users,DC=xxxxxxx,DC=com - prefix=CN
1555596523: LDAP: 6:         Group:    Class: Group - Attributes: gidNumber, member
1555596523: LDAP: 6:                   member syntax is DN (Windows)
1555596523: LDAP: 6:                   [one] CN=Users,DC=xxxxxxx,DC=com - prefix=CN
1555596523: LDAP: 6:         Hosts:    Class: Computer - Attributes: ipHostNumber
1555596523: LDAP: 6:                   [one] CN=Computers,DC=xxxxxxx,DC=com - prefix=CN
1555596523: LDAP: 6:         Netgroup: Class: nisNetgroup - Attributes: nisNetgroupTriple, memberNisNetgroup
1555596523: LDAP: 6:                   [one] cn=netgroup,cn=xxxxxxx,cn=DefaultMigrationContainer30,DC=xxxxxxx,DC=com

If an LDAP search fails, then Unity posts a warning alert "LDAP client settings on NAS server MMMMMMM are not valid within domain NNNNNNN.com."

The customer should verify that at least an object (with attributes set) exists in each container. For instance, there should be a netgroup object with attributes nisNetgroupTriple and memberNisNetgroup in the container "cn=netgroup,cn=xxxxxxx,cn=DefaultMigrationContainer30,DC=xxxxxxx,DC=com."

 

Affected Products

Dell EMC Unity Family

Products

Dell EMC Unity Family
Article Properties
Article Number: 000056953
Article Type: Solution
Last Modified: 17 Apr 2026
Version:  5
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.