Error message in unifid.log

Hello,

An agent has been removed from the npam manager because the server was shut down, after a few months the server was turned on again, now in the unifid.log the following errors are shown:

-Error, No service registration record for npam-agent: uIspj9LjTfQu88ell7l78rzsljY = <10.0.1.120>
-Info, registry svcRegister client: npam-agent rc: 0 status: 500 (Unauthorized service registration) (1ms)

Obviously the error is derived to the npam service continues running on the server, the possible solutions is to uninstall the agent on the server so that the error in the unifid.log is no longer displayed.

Because the server is not accessible and the server does not require the npam agent, is there a method for the error messages shown in the unifid.log to no longer be displayed? because it is no longer in the hosts section of the console.

I appreciate the support. Greetings.
  • It might be easiest to just add an iptables rule that blocks anything
    going to the PUM/PAM sockets from this particular source address.
    Assuming the IP address is 10.0.1.120, something like this would do the
    trick, though keep in mind this is not a persistent (across reboots, or
    other firewall "restarts") change, so depending on your system you would
    need to make it persistent:


    iptables -I INPUT -m tcp -p tcp -s 10.0.1.120 -j REJECT --reject-with
    icmp-port-unreachable


    --
    Good luck.

    If you find this post helpful and are logged into the web interface,
    show your appreciation and click on the star below.

    If you want to send me a private message, please let me know in the
    forum as I do not use the web interface often.
  • It's a very good trick and it works, I appreciate the support. :cool:

    On the side of the NPAM console, is there an alternative?
  • There is nothing in the PAM Console to block Agents from communicating with their managers. The installed Agent will continue to attempt to contact the Manager, which will report that there is no service registration record available for that Agent. In order to manage this, communication must not reach the Manager from that Agent. Since the Agent server is "not accessible," then sadly it can't be uninstalled I suppose (i.e. Removing the Agent Components), correct? If uninstalling the Agent on that server is not possible, then the suggestion provided by ab is good, as it would prevent the request from reaching the PAM Manager application. If you wanted to just block incoming traffic from that ip address via tcp port 29120 to the manager server, that would do the trick as well. Or block outgoing traffic from that Agent server on tcp port 29120 somewhere in the network infrastructure.
  • Thank you very much, I will apply the solution of ab. Thank you both for the support.