There was an allow file that was configured incorrectly. They went to fix it and created a backup file of it in the access.d directory. QAS detected a file in the directory /etc/opt/quest/vas/access.d that had an unknown extension which caused reprocessing of allow groups. The AD groups in the allow file had over 40k members so there was a lot of processing happening. This change was going out to 4k machines.
Product Defect: 801076 - backup file in access.d triggers AD flood
Pending fix in a future release of the product.