I recently notice, Symantec End Point spontaneously changed group to "avdefs", when some new change is introduced e. g. creating new sftp directories etc. It seems problems occur during Symantec installation "avdefs" is a group local to the system (i.e., not in LDAP), so it's important to have it not conflict with existing LDAP groups Pasted output below:
On stage-rtr1:
[root@stage-rtr1 ~]# grep avdefs /etc/group
avdefs:x:501:
[root@stage-rtr1 ~]# ldapsearch -x cn=cacheusr -b "ou=posixGroups,dc=healthix,dc=org"
...
gidNumber: 501
...
cn: cacheusr
During our conversation we came to a conclusion, the possible solution to this is:
Prompt us to enter correct group number.
Query LDAP database for unused Group numbers.
Can code be modified so that “avdefs” group can be changed to a different group number. We cannot change our software and there is a conflict between the two groups?
Thanks,
Michael
Please feel free to contact me if any questions arise.
Michael Verbitsky
Systems Engineer