Monthly Release Notes - July 2018
|Automate||Bytware||CCSS||Document Management (RJS)|
- Automate Schedule Ops Console for Insite
- Added capabilities to create the following Dashboard Widgets for Automate Schedule in Insite:
- Completed Jobs
- Current Status
- Ended Jobs
- Job Activity Summary
- Job Exception Summary
- Missed Jobs
- Pending Messages
- Started Jobs
- Submitted Jobs
- Terminated Jobs
- Today's Failed Jobs
Secure Insite access to Automate Schedule servers
Added scripts create-db-user.sh and create-db-user.exe to the Automate Schedule server. Running these scripts allows the user to configure a read-only user that Insite can use to access Automate Schedule’s database.
- Added capabilities to create the following Dashboard Widgets for Automate Schedule in Insite:
- Infrastructure upgrade
- Windows server and agent have been upgraded to run on 64-bit Java for improved security, increased performance, and new features.NOTE: The Automate Schedule server will no longer install on 32-bit Windows operating systems. A 32-bit Windows agent installer has been included on the Automate Schedule download page, and can only be used on 32-bit Windows operating systems, as well as Windows operating systems older than Windows 6.1 (Windows 7 and Windows 2008). 32-bit agents can no longer be updated from the product's user interface.
- Windows server and agent have been upgraded to run on 64-bit Java for improved security, increased performance, and new features.
- Downloading a Job Log while a job is running will work as expected.
PCL to PDF Converter
Requires OS 7.2 or higher.
- Fixed a problem with OS V7 compatibly.
- The performance of document indexing when full text search is active is greatly increased and processed separately from the standard key indexing.
- The criteria panel on the search page is now resizable and will remember the user's preference.
- The delay on key indexing has been removed so documents will show up in folders and searches more immediately.
- A link to the REST API documentation is now available to administrator users in the profile menu.
- The document result count per folder and document type now displays in the search criteria panel after performing a search.
- A document's Insert Date has been added to the document General Information display.
- The minimum version of the .NET Framework is now 4.7.1.
- The document approval interface now allows selecting predefined values for document fields that are configured for its document type.
- Webdocs users will now see direct links to the document approval interface for a document when browsing a document's details and the document is on a route step they are assigned to.
- An option to specify a secure connection to SQL Server has been added to the product installer.
- A document's assigned folder has been added to the document approval interface.
- Webdocs user IDs can now begin with numbers.
- The performance of requesting a very large list of Webdocs folders from the REST API is improved.
- License checks will no longer fail if there are multiple hardware devices with invalid IDs present on the server.
- Expiration dates on documents are now set correctly during a new check in from the web interface.
- Database scripts for updates no longer execute if the database feature is not selected during the upgrade installation process.
- Refresh tokens for the same user and client but different applications are now allowed to coexist.
Webdocs for IBM i
Requires OS 7.2 or higher.
- New RENAME parameter added to the DOCCHKIN command.
- New RENAME parameter added to the DOCCHKI command.
- Fixed page scrolling issue in the look-up window from the browser.
GoAnywhere MFT for Insite
- GoAnywhere MFT dashboard gadgets have been added to Insite. The following GoAnywhere MFT assets can be added to dashboards in Insite 2.4 and later:
- Service Status
- Recent Completed Jobs
- Recent Triggers
- Recent Blacklisted IP Addresses - Detail
- Recent Blacklisted IP Addresses - Summary
- Unresolved Jobs
- Recent Secure Mail Activity
- Top Web Users by Transfers
- Completed Jobs Count
- Service Statistics
- Job Statistics
- Expiring OpenPGP Keys - Detail
- Expiring OpenPGP Keys - Summary
- Top Secure Mail Users by Disk Usage
- Active Sessions
- Recent Web User Logins
- File Transfer Count
- Active Jobs
- Top Secure Mail Packages by Size
- Expiring SSL Certificates - Detail
- Expiring SSL Certificates - Summary
- Recent Web User Activity
- Recent File Activity
GoDrive for iOS
- Added support for TLS v1.1 and TLS v1.2.
- Updated the UI to support iPhone X.
- Multiple UI improvements related to syncing and unsyncing items, as well as when previewing files.
- Added more loading and progress dialogs to indicate the status of background processes.
- Improved the user experience when GoDrive doesn't have permission to access the camera.
- Improved the user experience when GoDrive doesn't have access to use cellular data.
- Fixed a crash that could happen when registration is denied.
- Fixed a crash that could happen when copying a document to GoDrive.
- Fixed an issue where multiple accounts could be registered at the same time.
IBM PowerHA SystemMirror for IBM i
Version: PTF 7.2/7.3 SI67828
- SE68810 PowerHA has been updated to properly handle the authorities needed to perform an automatic HyperSwap during a Live Partition Mobility operation.
- SE69047 In order to prevent extra HAI000C from being sent to QSYSOPR, PowerHA only verifies that the *CIMOM server is active on the system if there is a cluster monitor of type *CIMSVR. The HAI000C will no longer be sent to QSYSOPR in environments that do not have a *CIMSVR cluster monitor.
- Includes Dashboard support for Crypto Complete.
- Includes Dashboard support for Automate Schedule.
- Includes Dashboard support for GoAnywhere MFT.
- Includes Dashboard support for Powertech Event Manager.
- In Insite Analytics, the user can now override the default parameter values when downloading the results of a Query to a CSV.
- iASP support has been added for Powertech Network Security (Coming soon with 7.19 of Powertech Network Security).
- Includes Access Authenticator 1.3.1. See Access Authenticator.
- Includes Insite Analytics 1.1.1. See Insite Analytics.
A problem preventing the ability to sync a mobile device when the YubiKey device type is disabled has been resolved.
An issue preventing the ability to delete Access Authenticator users after a YubiKey or mobile device has been added has been resolved.
Fixed a couple label text issues when viewing shared dashboards.
Fixed a premature reload issue with concurrent editing of dashboards.
Fixed an issue that occurred when moving dashboards with the same name between folders.
Fixed an issue with the full screen button being present in widget edit mode in certain connection deletion/addition scenarios.
Fixed an issue with the side form display during concurrent editing of dashboards.
Fixed in issue with the PSH 'Reset Attempts by user' widget not displaying correctly on a shared dashboard.
Shared dashboards within folders were not being successfully deleted when deleting the folder in which they existed, but this has now been fixed.
Widget type 'Max/Min Chart' has been renamed 'Area Chart'.
- A check box has been added to the Graphics pane of Intermapper Preferences. It allows the label color, which normally controls the color of the outline for built-in shapes (rectangle, oval, wire, and cloud), to control the color of the shape's text.
- A new probe has been added. The Cisco Catalyst Switch probe monitors various configurations of fixed, modular, and stacked Cisco Catalyst switches. It has been tested with Catalyst 2960, Catalyst 3560, Catalyst 3750, Catalyst 3750X, and Catalyst 3850 switches.
- Chart data now displays consistently at the correct start times.
- When used by many devices, the SNMP Comparison Probe no longer fails intermittently.
- The descriptions for probes now use a consistent format.
- Link notifiers now send an "OK" notification whenever one or more non-OK link notifications have been sent. This fixes some circumstances where the "OK" was not sent.
- Links initially displayed as dotted lines are now updated promptly to their current state.
- Updated the Command-Line Example topic to use a simpler and more current example.
- Links are now updated in a timely manner, improving display of traffic animations.
- A number of fixes have improved stability.
- A number of improvements increase stability of interactions between Intermapper Server and Intermapper Remote Access while reducing system resource usage.
- Intermapper no longer creates unnecessary chart files for the Detection Map.
- Removed some memory leaks that resulted in reduced responsiveness of Intermapper Server over time.
- Intermapper now correctly identifies the operating system for Windows 8.1, 10, Server 2012 R2, and Server 2016.
- Documentation for editing and attaching Notifiers has been updated to match the current functionality.
- Reduced the number of link update checks to improve performance.
- Documentation now includes information about how to set all controls in a column to the same value using Alt-click (or Ctrl-click). The feature is available in a number of windows, and has been explained in the topic for each.
- Changes related to Intermapper Data Center have improved stability for Intermapper Server for Windows
To avoid this issue, see the Knowledgebase article Deleting 6.2.X Chart Data After Downgrade and follow the steps described there before you install 6.2.2. Using these steps, chart data from the time of the initial upgrade is removed, chart data from the time of reverting is retained, and chart data from the time of the new upgrade is available and correct.
- An issue preventing the ability to delete Access Authenticator users after a YubiKey or mobile device has been added has been resolved.
- A problem preventing the ability to sync a mobile device when the YubiKey device type is disabled has been resolved.
- Authority Broker now allows you to mask passwords on screen captures.
- The PABPWDMSK command has been added, which allows you to mask passwords on screen captures.
- A problem causing a "CCSID outside of valid range" error when switching profiles with the Password parameter has been resolved.
- A problem causing missing screen captures and failed swaps with Firecall has been resolved.
- Field type Hex is now allowed to be encrypted as type *CHAR when using the Field Registry.
- The Create Key Store (CRTKEYSTR) command AUT parm default has been changed to *USE.
- The Add Field Encryption Entry (ADDFLDENC) command parameter "Use DB2 field procedure" (USEFLDPROC) default has been changed to *YES.
- The Change Key Policy (CHGKEYPCY) command parameter "decrypt usage by owner" (DEKDECOWN) default has been changed to *YES.
- The IFS Server job process has been changed so that it is allowed to use Journal Receivers that are not in the same library as the Journal.
- The IFS Server job process has been changed so that it recognizes journal type PR. As such, the job now knows when a new Journal Receiver was attached when little encryption activity is occurring.
- The ability to filter by Status type in the Work with Field Encryption Registry program has been added.
- The ability to filter by Status type in the Work with IFS Encryption Registry program has been added.
- 75-character licensing has been added.
- The WRKFLDENC Work with Field Encryption screen has been fixed so that it stays on the current screen when options are selected.
- The WRSYMKEY Work with Symmetric Keys screen has been fixed so that it stays on the current screen when options are selected.
- The WRKIFSENC Work with IFS Encryption screen has been fixed so that it stays on the current screen when options are selected.
- The WRKCCALR Work with Security Alerts screen has been fixed so that it stays on the current screen when options are selected.
- The WRKEKM Work with External Key Managers screen has been fixed so that it stays on the current screen when options are selected.
- An issue with the return message when the connection to the External Key Manager cannot be made has been fixed.
- An issue with Delete Crypto Complete Alert (DLTCCALR) has been fixed. The *EKMGR category has been added.
- An issue with masking for O-type fields has been fixed.
- An issue causing the IFS server job to use an inappropriate date format has been fixed.
- IFS Encryption server job: An issue reading journal records that do not include job information that are derived from unencrypted directories has been fixed.
- AWS S3 Bucket Policies. Policy Minder now allows you to inspect and monitor your AWS S3 bucket settings across many buckets using Shared Bucket Policy. A Shared Bucket Policy can be assigned to multiple buckets in one or more AWS Accounts. Exceptions to the Shared Bucket Policy settings can be specified for individual buckets and bucket categories using Private Bucket Policies.
- AWS S3 Bucket Reports. The ability to report on AWS S3 Bucket Policy compliance has been added.
- "Notices.txt" has been added for documentation of third part attributions.
- Updates have been introduced to allow for SLES/SUSE 15 support.
- Policy Minder now includes CIS Templates for RHEL Linux 7.
- Policy Minder now includes CIS Templates for Oracle Enterprise Linux 7.
- Policy Minder now includes CIS Templates for CentOS 7.
- The ability to copy an AWS Account has been added.
- A custom 404 (page not found) error page has been added.
- Policy Minder now supports Ubuntu 16.04.
- Policy Minder now supports Ubuntu 18.04.
- The ability to delete expired licenses from the product License Manager has been introduced.
- Support for Amazon AWS Linux 2 servers has been added.
- Owner, Group, Permissions, and Check Sum attributes have been added to the Exported Directory compliance report.
- When CheckIt processes multiple servers, an error processing a single server now fails the process immediately after occurring.
- Stronger passwords are now required for Policy Minder administrators and user accounts for improved security.
- Issues updating the Tomcat web server during installation have been resolved.
- The Jackson Databind utility used by Policy Minder has been updated.
- Layout and styling changes to tables have been made in order to show additional data, and to address issues with tabbing, focus, and default actions.
- On Windows, the fact that Policy Minder does not support running using a 32 bit version of java is now indicated correctly during the installation process.
- The Policy Minder installer has been updated to require Java 1.8+ for the console server.
- Validation has been added for adding/editing Managed Keys.
- An issue displaying/closing the progress bar when adding a managed server has been resolved.
- The following file processing warning messages no longer fail CheckIt processing: "No such file or directory", "is not the name of a known user", and "is not the name of an existing group".
- Issues refreshing the parent (base) page following updates saved from a child maintenance dialog box have been resolved.
- The Jetty utility has been removed for improved security.
- Third party components have been updated to address CVE-2015-7940 and CVE-2014-3604 vulnerability.
- An issue causing problems connecting to a server that had been rebooted, which would result in a Connection Pool Error, has been corrected.
- Policy Minder updates no longer reset the Port back to default.
- The Linux File Policy processing has been updated to ignore "Permission denied" errors on Linux if the path includes .gvfs (special files that are not allowed to be accessed).
- Code has been removed that would skip restricted windows folders from processing. (Previously, the "C:Windows", "C:\$Recycle.Bin", "C:\Program Files", and "C:\Program Files (x86)" directories would be ignored when processing "C:\" sub-directories, or when processing them directly.
- The Windows connection pool now uses a unique server ID in order to prevent name clashes when verifying newly added servers.
- The maximum allowed runtime has been changed for some Windows Powershell commands. Most significantly, the command for retrieving a list of files and directories from a directory has been extended from 40 seconds to four minutes.
- An issue preventing the compliance status from being represented properly for the Server Group level on the Manage Servers screen has been resolved.
- A scroll bar calculation issue with tables has been resolved.
- Existing Tomcat configuration files are now preserved during installation.
- Policy Minder no longer leaves the progress window open if it fails to add a new Server due to no licenses being available.
- The AWS EC2 Instance Filters no longer ignore leading and trailing spaces in the filter values.
- Owner, Group, and Name values are now required for Windows File Policy Selection records.
- Warning: If you upgrade or update Policy Minder while it is running in SSL Mode, the existing "server.xml" file will be renamed to include a timestamp ("server.timestamp.xml") and a new standard "server.xml" will be installed. As such, you will need to re-apply the changes to the "server.xml" to make it run in SSL Mode again.
Fixed an issue with high CPU usage during real time disk collection when a library has been changed.
- There was an issue with MON706R not being updated with a newer fix version after an upgrade, but this has now been fixed.
Enhanced the user interface.
- (CAS-0010098675) Added UNBOUNDED setting for specifying a y-scale range to auto-scale the maximum and minimum range settings based on the values in a chart-interactive chart.
- (CAS-0010099841) Added the ability to handle using roles on LDAP Groups when using non-Active Directory (OpenLDAP) connections.
- (CAS-0010094238) Added all content in the source editor to ckeditor.
- (CAS-0010081752) Added the ability to display descriptive LDAP related login errors.
- (CAS-0010084491) Removed logging that was preventing emails from being sent.
- (CAS-0010089928) Updated the alt_name alias properties in a row processor and the last_date and config_date properties to reflect the latest values.
- (CAS-0010088014) Interactive charts now display items with backslash in their names by escaping the backslash characters.
TeamQuest Administration Console
(CAS-0010094546) Disabled ciphers using SHA1 Message Authentication.
(CAS-0010086097) Added a utility to delete unhealthy nodes.
(CAS-0010098835) Fixed systemctl access denied errors due to SELinux being enabled.
(CAS-0010094107) Removed "Max number of pipes in use." message from Windows System Activity Agent when using HOURLY for the "Check For Missing Statistics" setting.
(CAS-0010084946) Added capability for the Process Workload Agent on Linux systems to collect the last 2048 bytes of the process command line when the process command line is greater than 4096.
(CAS-0010085624) Updated the Libvirt Agent to use the Open Stack name instead of the Instance name when collecting against an Open Stack implementation.
(CAS-0010091818) Updated table data to show local time.
Vityl Capacity Management — Capacity Plans
Added support for creating plans for Linux and Microsoft Windows systems from Amazon CloudWatch.
Added support for creating plans for Amazon EC2 instances.
Added support for selecting a group of systems in a plan.
Added new wizard for creating a plan for upgrading or replacing the current platform.
Added capability to override workload and virtual machine attributes.
(CAS-0010084618) Updated documentation for connecting to SSL ports using Security Enhanced Linux (SELinux).
Vityl Capacity Management — Performance Monitor
Performance Monitor has been released as part of Vityl Capacity Management. Performance Monitor supports analyzing performance metrics collected by our lightweight collectors from both Linux and Docker environments. Our collector plugin technology allows you to include performance metrics from 3rd party or proprietary sources.
Key features being released as part of the Performance Monitor component of Vityl Capacity Management are as follows:
- Easily deployed collectors for Linux and Docker environments
- Collector administration for configuring metric collection and retention intervals
- Collector plug-in technology allows you to build user-defined collectors for 3rd party data sources
- Performance overview and detailed metrics reporting views
- Restful API to use performance metrics in 3rd party applications
Added support for Apache Tomcat version 8.5.30 to include the latest security updates.
(CAS-0010094546) Disabled ciphers using SHA1 Message Authentication.