We had a curious thing occur -- I will explain as best I can. Gradually, over the course of a few weeks, many but not all of our workstations (with users logged in) started hammering the hell out of the Domain Controllers in our environment. This resulted over time in bringing a number of them down and increasing congestion over the network. Turns out that ldapwhoami.exe was the culprit and it was repeatedly attempting, hundreds a second, to try to reach an AD OU. The process was running at 40% on the workstation. When the OU was created, apparently authenticated users did not have read or write permissions and it was felt that those rights were not necessary. Once they started dumping users into the OU and those users would log in, ldapwhoami.exe would try to update the inventory but it would fail at that OU and retry continuously (indefinitely). When we gave read permissions to the OU all of our problems went away.
Question is...Is this a bug or would this be attributed to normal behaviour? You would think that after a few failed attempts that ldapwhoami.exe would stop trying until the next inventory scan at least and not run continous on the machine.