Watching the CIFS logs on several CIFS enabled SLES10.2/OES2.1 servers /var/log/cifs/cifs.log we are getting a lot of the following:

May 19 11:00:40 OES2SP1BOX CIFS[7807]: CRITICAL: AUTH: Failed to fetch credentials of User :
Nmasldap-error : -1659 , ProxyUser- cn=ldapcifs,ou=context,o=TREE . Check Configuration
May 19 11:00:40 OES2SP1BOX CIFS[7807]: WARNING: CODIR: Failed to authenticate User : BloggsJ
Now I understand why we get the error messages, what is mystifying is why the connections are being attempted in the first place. The users are not actively initiating these connection attempts. There is some background process at work here which I don't yet understand.