Environment
NetIQ eDirectory 9.0.2
Situation
Previously, if httpstk and iMonitor were disabled the server would still listen on ports 8028 and 8030. This was due to FLAIM loading the httpstk module to serve its coredb page.
In 9.0.2 disabling the modules that use httpstk will also disable listening on the ports altogether. FLAIM will respect the settings in ndsmodules.conf.
In 9.0.2 disabling the modules that use httpstk will also disable listening on the ports altogether. FLAIM will respect the settings in ndsmodules.conf.
Resolution
1. Rem out the modules that rely on httpstk from the /etc/opt/novell/eDirectory/conf/ndsmodules.conf file. The entries rem'd out can be seen in bold below:
# ndsmodules.conf: NDS Module Description File
# This file describes the modules to be loaded at bootup. Note that modules
# that need to be loaded would have auto flags set. Other modules can also
# be present here if a default command line need to be specified. Modules
# will be loaded in the order that's listed here.
#
# Syntax:
# modulename flags cmdline
# Each line in this file represents a modulename. It should not
# contain prefix(lib) or suffix(.so, .la etc.). We'll look at a
# corresponding .la file to pickup the correct modulefile.
# flags: should be a comma seperated (no whitespace) list of valid options.
# auto -> autoloaded when dhost comes up
# system -> Will not be unloaded.
# fail -> Treat as an error and exit if loading fails.
# noop -> No flags. MUST for specifying command line without any flags
#
dhlog auto,fail #DHost logger
ncpengine auto,system,fail #Core NCP Services
dsloader auto,system,fail #Loader
masv auto,system,fail #Modular Authentication Services
nds auto,system,fail #Core DS Services
niciext auto
gams auto
snmp auto #snmp
#httpstk auto #DHost HTTP Stack
#hconserv auto #HConServ
nldap auto #LDAP Server
#imon auto #iMon
#embox auto #eMBox
pkiserver auto #PKI server
ssncp auto #SecretStore
2. Save the file and restart ndsd
ndsmanage stopall
ndsmanage startall
3. Verify with netstat:
netstat -na |grep 8030
# ndsmodules.conf: NDS Module Description File
# This file describes the modules to be loaded at bootup. Note that modules
# that need to be loaded would have auto flags set. Other modules can also
# be present here if a default command line need to be specified. Modules
# will be loaded in the order that's listed here.
#
# Syntax:
# modulename flags cmdline
# Each line in this file represents a modulename. It should not
# contain prefix(lib) or suffix(.so, .la etc.). We'll look at a
# corresponding .la file to pickup the correct modulefile.
# flags: should be a comma seperated (no whitespace) list of valid options.
# auto -> autoloaded when dhost comes up
# system -> Will not be unloaded.
# fail -> Treat as an error and exit if loading fails.
# noop -> No flags. MUST for specifying command line without any flags
#
dhlog auto,fail #DHost logger
ncpengine auto,system,fail #Core NCP Services
dsloader auto,system,fail #Loader
masv auto,system,fail #Modular Authentication Services
nds auto,system,fail #Core DS Services
niciext auto
gams auto
snmp auto #snmp
#httpstk auto #DHost HTTP Stack
#hconserv auto #HConServ
nldap auto #LDAP Server
#imon auto #iMon
#embox auto #eMBox
pkiserver auto #PKI server
ssncp auto #SecretStore
2. Save the file and restart ndsd
ndsmanage stopall
ndsmanage startall
3. Verify with netstat:
netstat -na |grep 8030