nscd error msg help
I got a lot of error messages like this
Oct 4 14:02:28 davros1 nscd[8599]: [ID 293258 user.error] libsldap: Status: 7 Mesg: LDAP ERROR (87): Bad search filter.
Oct 4 14:02:31 davros1 nscd[8599]: [ID 293258 user.error] libsldap: Status: 85 Mesg: openConnection: simple bind failed - Timed out
Can somebody help me?
Thanks a lot!
OS: Solaris 9
It is an LDAP client.
davros1 bash-2.05# ldapclient list
NS_LDAP_FILE_VERSION= 2.0
NS_LDAP_BINDDN= cn=proxyAgent,ou=proxies,dc=***
NS_LDAP_BINDPASSWD= {NS1}c249f487c05342
NS_LDAP_SEARCH_BASEDN= dc=****
NS_LDAP_AUTH= tls:simple
NS_LDAP_SEARCH_REF= FALSE
NS_LDAP_SEARCH_SCOPE= one
NS_LDAP_SERVER_PREF= 10.16.33.62, 10.15.133.83
NS_LDAP_PROFILE= sslclient
NS_LDAP_CREDENTIAL_LEVEL= proxy
NS_LDAP_BIND_TIME= 30
davros1 bash-2.05# more /etc/nsswitch.conf
passwd: files ldap
group: files ldap
hosts: files dns ldap
ipnodes: files
networks: files ldap
protocols: files ldap
rpc: files ldap
ethers: files ldap
netmasks: files ldap
bootparams: files ldap
publickey: files ldap
netgroup: ldap
automount: files ldap
aliases: files ldap
services: files ldap
sendmailvars: files
printers: user files ldap
auth_attr: files ldap
prof_attr: files ldap
project: files ldap
[1954 byte] By [waypin] at [2007-11-25 22:41:19]
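A small triage script for messages of the kind quoted above, added here as an example and not part of the original thread. It assumes a POSIX shell with sed, awk, sort and uniq (on Solaris 9 the /usr/xpg4/bin versions are the closer match) and runs on constructed sample lines shaped like the post's. Pointed at /var/adm/messages it shows which libsldap status codes dominate and whether they arrive in bursts, which separates a bind/transport problem (Status 85, "Timed out") from rejected searches (Status 7, "Bad search filter") before any client setting is changed.

```shell
#!/bin/sh
# Added example: summarize libsldap errors that nscd writes to syslog.
# Constructed sample lines, shaped like the ones in the post above
# (the sshd line is filler so the filter has something to skip).
SAMPLE_LOG="$(mktemp)"
cat > "$SAMPLE_LOG" <<'EOF'
Oct 4 14:02:28 davros1 nscd[8599]: [ID 293258 user.error] libsldap: Status: 7 Mesg: LDAP ERROR (87): Bad search filter.
Oct 4 14:02:31 davros1 nscd[8599]: [ID 293258 user.error] libsldap: Status: 85 Mesg: openConnection: simple bind failed - Timed out
Oct 4 14:03:02 davros1 nscd[8599]: [ID 293258 user.error] libsldap: Status: 7 Mesg: LDAP ERROR (87): Bad search filter.
Oct 4 14:03:40 davros1 sshd[9001]: [ID 800047 auth.info] Accepted publickey for admin from 10.16.1.5
Oct 4 14:05:11 davros1 nscd[8599]: [ID 293258 user.error] libsldap: Status: 85 Mesg: openConnection: simple bind failed - Timed out
Oct 4 14:05:12 davros1 nscd[8599]: [ID 293258 user.error] libsldap: Status: 7 Mesg: LDAP ERROR (87): Bad search filter.
EOF

# "<count> <status>" per distinct libsldap status code, most frequent first.
libsldap_status_counts() {
    sed -n 's/.*libsldap: Status: \([0-9][0-9]*\) Mesg:.*/\1/p' "$1" \
    | sort | uniq -c | sort -rn | awk '{ print $1, $2 }'
}

# Distinct Mesg texts seen for one status code, so the server's own wording
# ("Timed out" vs. "Bad search filter") can be read alongside the count.
libsldap_messages_for() {
    sed -n "s/.*libsldap: Status: $2 Mesg: //p" "$1" | sort -u
}

# Errors per minute ("Oct 4 14:02 2"): bursts usually line up with something
# else in the same log (a server restart, a client scan, a cron job).
libsldap_per_minute() {
    grep 'libsldap: Status:' "$1" \
    | awk '{ key = $1 " " $2 " " substr($3, 1, 5); n[key]++ }
           END { for (k in n) print k, n[k] }' | sort
}

# Run against the sample; on a real host pass /var/adm/messages instead.
libsldap_status_counts "$SAMPLE_LOG"
libsldap_messages_for "$SAMPLE_LOG" 85
libsldap_per_minute "$SAMPLE_LOG"
```

Status 85 with "Timed out" is the client failing to complete the bind to one of the NS_LDAP_SERVER_PREF addresses within NS_LDAP_BIND_TIME; Status 7 with error 87 is a search the server rejected. Counting them separately tells you which of the two to chase first.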

# 5
I believe a lot of these LDAP ERROR (87) are not harmful.
Look at the msgs in /var/adm/messages preceding them, some hacker or unsolicited client (eg: SMSService from some Windows hosts) might have hit the Solaris 9 LDAP Client and issued Bad or Incompatible LDAP search requests.
Just my wild guess.
What you may want to do: remove unwanted services like the following in /etc/inet/inetd.conf and run
# kill -HUP <pid_of_inetd>
Gary
#systat     stream  tcp     nowait  root    /usr/bin/ps             ps -ef
#netstat    stream  tcp     nowait  root    /usr/bin/netstat        netstat -f inet
#
# Time service is used for clock synchronization.
#
#
# Echo, discard, daytime, and chargen are used primarily for testing.
#
#echo       stream  tcp6    nowait  root    internal
#echo       dgram   udp6    wait    root    internal
#discard    stream  tcp6    nowait  root    internal
#discard    dgram   udp6    wait    root    internal
#daytime    stream  tcp6    nowait  root    internal
#daytime    dgram   udp6    wait    root    internal
#chargen    stream  tcp6    nowait  root    internal
#chargen    dgram   udp6    wait    root    internal
#
#
# RPC services syntax:
# <rpc_prog>/<vers> <endpoint-type> rpc/<proto> <flags> <user> \
# <pathname> <args>
#
# <endpoint-type> can be either "tli" or "stream" or "dgram".
# For "stream" and "dgram" assume that the endpoint is a socket descriptor.
# <proto> can be either a nettype or a netid or a "*". The value is
# first treated as a nettype. If it is not a valid nettype then it is
# treated as a netid. The "*" is a short-hand way of saying all the
# transports supported by this system, ie. it equates to the "visible"
# nettype. The syntax for <proto> is:
# *|<nettype|netid>|<nettype|netid>{[,<nettype|netid>]}
# For example:
# dummy/1     tli     rpc/circuit_v,udp   wait    root    /tmp/test_svc   test_svc
#
# Solstice system and network administration class agent server
#100232/10  tli     rpc/udp     wait    root    /usr/sbin/sadmind       sadmind
#
# rpc.cmsd is a data base daemon which manages calendar data backed
# by files in /var/spool/calendar
#
#
# Sun ToolTalk Database Server
#
#100083/1   tli     rpc/tcp     wait    root    /usr/dt/bin/rpc.ttdbserverd     rpc.ttdbserverd
#
# Sun KCMS Profile Server
#
#100221/1   tli     rpc/tcp     wait    root    /usr/openwin/bin/kcms_server    kcms_server
#
# Sun Font Server
#
#
# CacheFS Daemon
#
# OCFSERV - OCF (Smart card) Daemon
# KTKT_WARND - Kerberos V5 Warning Messages Daemon
#100134/1   tli     rpc/ticotsord   wait    root    /usr/lib/krb5/ktkt_warnd    ktkt_warnd
# Kerberos V5 DB Propagation Daemon
#krb5_prop  stream  tcp     nowait  root    /usr/lib/krb5/kpropd    kpropd
# GSSD - GSS Daemon
# METAD - SLVM metadb Daemon
# METAMHD - SLVM HA Daemon
# METAMEDD - SLVM Mediator Daemon
# LPD - Print Protocol Adaptor (BSD listener)
# RQUOTAD - rquotad server supports UFS disk quotas for NFS clients
#rquotad/1  tli     rpc/datagram_v  wait    root    /usr/lib/nfs/rquotad    rquotad
# REXD - rexd server provides only minimal authentication
#rexd/1     tli     rpc/tcp     wait    root    /usr/sbin/rpc.rexd      rpc.rexd
# UUCPD - uucp daemon (must run as root to read /etc/shadow)
#uucp       stream  tcp     nowait  root    /usr/sbin/in.uucpd      in.uucpd
# RSHD - rsh daemon (BSD protocols)
#shell      stream  tcp     nowait  root    /usr/sbin/in.rshd       in.rshd
#shell      stream  tcp6    nowait  root    /usr/sbin/in.rshd       in.rshd
# RLOGIND - rlogin daemon (BSD protocols)
#login      stream  tcp6    nowait  root    /usr/sbin/in.rlogind    in.rlogind
# REXECD - rexec daemon (BSD protocols)
#exec       stream  tcp     nowait  root    /usr/sbin/in.rexecd     in.rexecd
#exec       stream  tcp6    nowait  root    /usr/sbin/in.rexecd     in.rexecd
# COMSATD - comsat daemon (BSD protocols)
#comsat     dgram   udp     wait    root    /usr/sbin/in.comsat     in.comsat
# TALKD - talk daemon (BSD protocols)
#talk       dgram   udp     wait    root    /usr/sbin/in.talkd      in.talkd
# FINGERD - finger daemon
#finger     stream  tcp6    nowait  nobody  /usr/sbin/in.fingerd    in.fingerd
# RSTATD - rstat daemon
#rstatd/2-4     tli     rpc/datagram_v  wait    root    /usr/lib/netsvc/rstat/rpc.rstatd    rpc.rstatd
# RUSERSD - rusers daemon (gives out user information)
#rusersd/2-3    tli     rpc/datagram_v,circuit_v    wait    root    /usr/lib/netsvc/rusers/rpc.rusersd  rpc.rusersd
# RWALLD - rwall daemon (allows others to post messages to users)
# SPRAYD - spray daemon (used for testing)
#sprayd/1   tli     rpc/datagram_v  wait    root    /usr/lib/netsvc/spray/rpc.sprayd    rpc.sprayd
# Standard Type Services Framework (STSF) Font Server
# TFTPD - tftp server (primarily used for booting)
#tftp       dgram   udp6    wait    root    /usr/sbin/in.tftpd      in.tftpd -s /tftpboot
# TNAMED - tname server (it is an obsolete IEN-116 name server protocol)
#name       dgram   udp     wait    root    /usr/sbin/in.tnamed     in.tnamed
# TELNETD - telnet server daemon
# FTPD - FTP server daemon
# smserverd to support removable media devices
#100155/1   tli     rpc/ticotsord   wait    root    /usr/lib/smedia/rpc.smserverd   rpc.smserverd
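A check that goes with the advice in this reply, added here as an example and not the poster's own script: it lists the services inetd would actually start from an inetd.conf (uncommented lines in the Solaris 9 field order shown above) and flags the legacy ones. The sample inetd.conf and the legacy-service list are constructed for the example; tune the list to your own site before trusting its output.

```shell
#!/bin/sh
# Added example: report inetd services that are still enabled and flag the
# legacy ones. Constructed sample inetd.conf, field order as on Solaris 9:
#   service  endpoint-type  proto  flags  user  pathname  args
SAMPLE_INETD="$(mktemp)"
cat > "$SAMPLE_INETD" <<'EOF'
# Echo, discard, daytime, and chargen are used primarily for testing.
#echo      stream  tcp6     nowait  root    internal
ftp        stream  tcp6     nowait  root    /usr/sbin/in.ftpd     in.ftpd
telnet     stream  tcp6     nowait  root    /usr/sbin/in.telnetd  in.telnetd
shell      stream  tcp      nowait  root    /usr/sbin/in.rshd     in.rshd
#login     stream  tcp6     nowait  root    /usr/sbin/in.rlogind  in.rlogind
finger     stream  tcp6     nowait  nobody  /usr/sbin/in.fingerd  in.fingerd
100232/10  tli     rpc/udp  wait    root    /usr/sbin/sadmind     sadmind
EOF

# Services an LDAP client rarely needs: cleartext remote shell/login,
# information-leaking and testing daemons from the listing above.
# This list is an assumption of the example, not a vendor standard.
LEGACY_SERVICES="shell login exec finger tftp uucp name comsat talk \
rexd/1 rstatd/2-4 rusersd/2-3 sprayd/1 100232/10"

# Names of the services inetd would start: uncommented lines carrying at
# least the six mandatory fields (internal services have no args field).
inetd_enabled() {
    grep -v '^[[:space:]]*#' "$1" | awk 'NF >= 6 { print $1 }'
}

# Subset of the enabled services that appear on the legacy list.
inetd_flag_legacy() {
    for svc in $(inetd_enabled "$1"); do
        for legacy in $LEGACY_SERVICES; do
            if [ "$svc" = "$legacy" ]; then
                echo "$svc"
            fi
        done
    done
}

echo "enabled:";  inetd_enabled "$SAMPLE_INETD"
echo "flagged:";  inetd_flag_legacy "$SAMPLE_INETD"
# Once the flagged lines are commented out in /etc/inet/inetd.conf, inetd
# rereads the file after: kill -HUP <pid_of_inetd>   (as the reply says)
```

On a real host run the two functions against /etc/inet/inetd.conf; the "flagged" list is what to comment out before sending inetd the HUP.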
# 6
===
NS_LDAP_FILE_VERSION= 2.0
NS_LDAP_BINDDN= cn=proxyAgent,ou=proxies,dc=***
NS_LDAP_BINDPASSWD= {NS1}c249f487c05342
NS_LDAP_SEARCH_BASEDN= dc=****
NS_LDAP_AUTH= tls:simple
NS_LDAP_SEARCH_REF= FALSE
NS_LDAP_SEARCH_SCOPE= one
NS_LDAP_SERVER_PREF= 10.16.33.62, 10.15.133.83
NS_LDAP_PROFILE= sslclient
NS_LDAP_CREDENTIAL_LEVEL= proxy
NS_LDAP_BIND_TIME= 30
===
I think for tls:simple auth method, you are missing this line:
NS_LDAP_SERVERS= ldap1.example.com, ldap2.example.com
Replace ldap1.example.com and ldap2.example.com with your actual FQDNs of the LDAP Servers, and define them in /etc/hosts of the ldap client.
Please also define at least three SSDs in LDAP DIT and /var/ldap/ldap_client_file, and don't forget to add "shadowAccount" objectclass to your user entries.
serviceSearchDescriptor: passwd: ou=People,dc=example,dc=com?one
serviceSearchDescriptor: group: ou=group,dc=example,dc=com?one
serviceSearchDescriptor: shadow: ou=People,dc=example,dc=com?one
Gary
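A script that checks a client's ldap_client_file against the three points in this reply, added here as an example and not part of the thread. It assumes the "KEY= value" layout that ldapclient list prints above, that NS_LDAP_SERVICE_SEARCH_DESC is the ldap_client_file form of the serviceSearchDescriptor attribute, and a POSIX shell with sed and grep -E; the sample config and hosts file are constructed, with example.com names standing in for the real domain. The shadowAccount objectclass lives in the directory, not in this file, so it is not checked here.

```shell
#!/bin/sh
# Added example: verify the ldap_client_file points the reply makes.
# Constructed sample config, like the post's output with the reply's
# additions only partly applied (NS_LDAP_SERVERS present, shadow SSD missing).
SAMPLE_CLIENT="$(mktemp)"
cat > "$SAMPLE_CLIENT" <<'EOF'
NS_LDAP_FILE_VERSION= 2.0
NS_LDAP_BINDDN= cn=proxyAgent,ou=proxies,dc=example,dc=com
NS_LDAP_SEARCH_BASEDN= dc=example,dc=com
NS_LDAP_AUTH= tls:simple
NS_LDAP_SERVER_PREF= 10.16.33.62, 10.15.133.83
NS_LDAP_SERVERS= ldap1.example.com, ldap2.example.com
NS_LDAP_CREDENTIAL_LEVEL= proxy
NS_LDAP_SERVICE_SEARCH_DESC= passwd:ou=People,dc=example,dc=com?one
NS_LDAP_SERVICE_SEARCH_DESC= group:ou=group,dc=example,dc=com?one
EOF

# Constructed /etc/hosts with only one of the two servers defined.
SAMPLE_HOSTS="$(mktemp)"
cat > "$SAMPLE_HOSTS" <<'EOF'
127.0.0.1   localhost
10.16.33.62 ldap1.example.com ldap1
EOF

# Value(s) of a key in ldap_client_file; empty if the key is absent.
ldap_get() {
    sed -n "s/^$2= *//p" "$1"
}

# One finding per line; prints nothing when all three checks pass.
ldap_client_check() {
    cfg="$1"; hosts="$2"
    auth="$(ldap_get "$cfg" NS_LDAP_AUTH)"
    servers="$(ldap_get "$cfg" NS_LDAP_SERVERS | tr ',' ' ')"

    # 1. tls:* needs NS_LDAP_SERVERS with FQDNs, per the reply.
    case "$auth" in
        tls:*)
            if [ -z "$servers" ]; then
                echo "NS_LDAP_SERVERS missing: tls:* auth needs server FQDNs"
            fi
            ;;
    esac

    # 2. every listed server must resolve from the client's own hosts file.
    for s in $servers; do
        if ! grep -qE "[[:space:]]$s([[:space:]]|$)" "$hosts"; then
            echo "server $s not in $hosts"
        fi
    done

    # 3. SSDs for passwd, group and shadow must all be present.
    for svc in passwd group shadow; do
        if ! ldap_get "$cfg" NS_LDAP_SERVICE_SEARCH_DESC | grep -q "^$svc:"; then
            echo "no serviceSearchDescriptor for $svc"
        fi
    done
}

# On a real client: ldap_client_check /var/ldap/ldap_client_file /etc/hosts
ldap_client_check "$SAMPLE_CLIENT" "$SAMPLE_HOSTS"
```

Against the sample this reports that ldap2.example.com is missing from the hosts file and that the shadow SSD is absent; a config without NS_LDAP_SERVERS additionally gets the first finding.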