Name: 7.2.1.1-TIV-NCOMNIbus-FP0001
Before installing this fix, ensure that all Tivoli Network Management applications installed in $NCHOME have been shutdown.
Enter the following command to install this fix interactively, replacing the arch placeholder with the string identifying your platform:
$NCHOME/install/ncisetup -install 7.2.1.1-TIV-NCOMNIbus-arch-FP0001.jar
Enter the following command to install this fix non-interactively, replacing the arch placeholder with the string identifying your platform:
$NCHOME/install/ncisetup -install 7.2.1.1-TIV-NCOMNIbus-arch-FP0001.jar -silent
Before installing this fix, ensure that all Tivoli Network Managment applications on your computer have been shutdown.
Extract the contents of 7.2.1.1-TIV-NCOMNIbus-win32-FP0001.zip into a temporary location, and double-click setup.exe to install this fix.
The following defect solutions are included in this release:
Store-and-forward (SAF) functionality in the Probe API is
enhanced to minimize event loss during ObjectServer failover. If
a connection to an ObjectServer is lost, when the probe connects
to the backup ObjectServer, the probe replays the last
RollSAFInterval seconds of events to the ObjectServer.
The following new properties have been added to the libOpl
library:
1)
RollSAFInterval:90
Type: INT
Value: >= 1.5 * Granularity of ObjectServer in failover pair
Purpose: Specifies the time interval in seconds after which the
SAF file is rolled over to the next file. This should be set to a
value that is greater than the granularity of the ObjectServer to
minimise event loss. The default is 90s.
2)
SAFPoolSize : 3
Type: INT
Value: >0
Purpose: Specifies the number of files in the pool that can be
used to store events when the probe is running in SAF mode.
The ObjectServer changes required for this functionality to work
include:
1) Add a new column ProbeSubSecondId (int) to the alerts.status
table in a failover pair of ObjectServers.
The default value for this field is 0. The probe will assign the
incremented value to the ProbeSubSecondId field for those events
that have the same LastOccurrence value.
2) Add the ProbeSubSecondId column to the gateway map.
3) Replace the deduplication trigger in the failover pair of
ObjectServers as follows:
create or replace trigger deduplication
group default_triggers
debug false
enabled true
priority 1
comment 'Deduplication processing for ALERTS.STATUS'
before reinsert on alerts.status
for each row
begin
if ( (old.LastOccurrence > new.LastOccurrence) or ( (
old.ProbeSubSecondId >= new.ProbeSubSecondId)
and (old.LastOccurrence = new.LastOccurrence) ) ) then
cancel;
else
set old.Tally = old.Tally + 1;
set old.LastOccurrence = new.LastOccurrence;
set old.StateChange = getdate();
set old.InternalLast = getdate();
set old.Summary = new.Summary;
set old.AlertKey = new.AlertKey;
set old.ProbeSubSecondId = new.ProbeSubSecondId;
if (( old.Severity = 0) and (new.Severity > 0))
then
set old.Severity = new.Severity;
end if;
end if;
end
Known Issue:
Circular store-and-forward functionality does not behave as expected on ObjectServer failback if a probe is configured to use a virtual ObjectServer definition for the Server property.
Workaround:
Configure the probe to use a primary ObjectServer for the Server property and a backup ObjectServer (with BackupObjectServer: TRUE) for the ServerBackup property.
The Windows Filter Builder did not handle strings containing escaped single quotes correctly. This has been fixed.
On HP-UX, host names were truncated to 8 characters, which was causing the Oracle Gateway to fail. This has been fixed.
When running the Windows event list with the -config command-line option, opening remote event list configuration (.elc) files by using FTP could fail. This has been fixed.
The default directory for the process agent running as a Win32 service is now OMNIHOME/log. Unless otherwise specified, this will also be the default working directory of any child processes that are spawned by the process agent. Previously, the working directory was %SYSTEMROOT%\win32.
The ObjectServer gateways no longer exit when an invalid transfer command is received. Previously, issuing the command "TRANSFER 'tablename' FROM NCOMS TO NCOMS1;" via nco_sql, could cause the process to exit. This issue has been fixed.
On Windows, it is possible to use the SIGHUP signal to make probes re-read their rules files. This only works for probes running under process control. Use the Netcool/OMNIbus Administrator GUI to generate the SIGHUP signal.
The process agent now logs the failure to resolve reverse host name lookup of an IPv6 address only as a WARNING. Previously, it was logged as an ERROR although the program was able to continue.
When using the SSL certificate migration tool nco_ssl_migrate with the -auto option to migrate the digital certificate of an ObjectServer from V3.6 to V7.2.1 on Windows, the properties file for the ObjectServer could not be located. This has been fixed.
If a host name was specified in the process agent configuration file and it failed to resolve, the error message would be logged at the informational level. This has been raised to the warning level.
When using the SSL certificate migration tool nco_ssl_migrate with the -auto option to migrate the digital certificate of an ObjectServer on UNIX, ObjectServer entries that had both SSL and unencrypted ports configured could not be processed. This has been fixed.
A new "-elc" command-line option is added to NCOConductor.exe. This option affects all the event list instances invoked from the Conductor menu for that instance of the Conductor. This feature provides similar functionality to the "-config/elc" option of the event list.
When the ObjectServer is run on Windows 2003 and IPv6 is installed, IDUC connections might fail when connecting using IPv4. This has been fixed.
The SSL certificate migration tool (nco_ssl_migrate) now expands environment variables from the Ipc.SSLCertificate or SSLCertificate properties when performing automatic migration. Any environment variable (for example, ENV) will be expanded if it takes the following form:
$ENV
${ENV}
%ENV% (Windows only)
UNIX environment variables are case-sensitive. Windows environment variables are not case-sensitive.
If the "-fromnchome" or "-fromomnihome" command-line options are supplied, these are used as the environment variables for NCHOME and OMNIHOME respectively. See below for the order in which the variables are used:
NCHOME: "-fromnchome", "-fromomnihome"
OMNIHOME: "-fromnchome"/omnibus, "-fromomnihome"
A new property has been added to the ObjectServer: RestrictionFiltersAND -restrictfiltersand
This property controls how user restriction filters and group restriction filters are concatenated. The property is set for the system and not per user. Changes to the property come into effect only after the ObjectServer is restarted. The default setting is "true". The values for this property are as follows:
false: All restriction filters are combined using the OR operator. For example, user_rf OR group1 OR group2.
true: All restriction filters are combined using the AND operator. For example, user_rf AND group1 AND group2.
This internal update is in preparation for updates to some gateways on the Windows platform.
All Netcool components can now be installed as Win32 services, even when installed with arbitrarily long command-line arguments.
The following permissions are added to the default AlertsGateway role. This prevents "permission denied" errors being logged when ObjectServer gateways connect to the ObjectServer as a user belonging to the Gateway group.
grant select on table master.servergroups to role 'AlertsGateway';
grant insert on table master.servergroups to role 'AlertsGateway';
grant update on table master.servergroups to role 'AlertsGateway';
grant delete on table master.servergroups to role 'AlertsGateway';
grant raise on signal gw_counterpart_down to role 'AlertsGateway';
grant raise on signal gw_counterpart_up to role 'AlertsGateway';
grant raise on signal gw_resync_start to role 'AlertsGateway';
grant raise on signal gw_resync_finish to role 'AlertsGateway';
These permissions are in the security.sql file, and so are automatically added to any new ObjectServers that are created using nco_dbinit.
For existing ObjectServers, the above commands must be applied to a running ObjectServer by using nco_sql or nco_config.
A number of problems relating to the processing of SQL elseif statements have been fixed.
1. A sub-select query would cache result sets when it formed part of an elseif statement in a trigger.
2. The cancel command would be incorrectly permitted in a post database action trigger when the command was contained within an elseif statement.
3. A "for each" row loop containing an insert into the table being indexed by the loop would be incorrectly permitted when the insert statement was contained in an elseif statement.
Existing triggers that should not have been permitted will be dropped when the ObjectServer is restarted. A message will be logged if any triggers are dropped.
Previously, the ObjectServer would exit if a nested subselect statement used a function. For example, the following SQL command would cause the ObjectServer to exit:
select FullName from security.users where UserID in (select UserID from security.group_members where GroupID in (select OwnerGID from alerts.status where hourofday(LastOccurrence) < 23))
This has been fixed.
The process agent (nco_pad) no longer sends service record changes to other process agents. This used to cause corruption or invalid information in nco_pa_status output, and has been fixed.
Files created using the "CREATE FILE" SQL command would have incorrect permissions on rollover. This has been fixed.
Journal entries over 250 characters in length are no longer corrupted when submitted using the Windows event list.
Integer values used in dynamic prompt tools are no longer corrupted in the Windows event list.
The UNIX event list now silently handles embedded carriage returns in external tools that previously caused execution errors.
There is no longer a memory leak in the ObjectServer when the system backup sql statement is executed.
There is no longer a memory leak in the ObjectServer when an external procedure is created.
The Event List will now check the status of the connection to the master ObjectServer before commencing a resync operation in Dual Server Desktop mode. The connection will be re-established if necessary. Previously the EventList would fail to re-establish a lost connection.
Previously, the result of the SQL to_date function could be wrong by one hour due to incorrect handling of daylight saving time. This problem has been fixed.
Under some circumstances an ObjectServer running on a Windows 2003 server with both IPv4 and IPv6 enabled would not accept connections correctly from Event Lists and gateways. This issue has been fixed.
Previously the ObjectServer failed when creating a pre-database insert trigger that passed a new.field value to a procedure. This has been fixed.
This change provides functionality in Netcool/OMNIbus libraries that is required by some probes. Users of v7.2.1 should apply this fix instead of the patch common-libncrypt-1_0.
| nco_libOpl | 5.11.28 |
| nco_libnobjserv | 5.11.28 |
| nco_libPa | 5.11.28 |
| nco_libnetcool | 5.11.29 |
| nco_objserv | 5.11.28 |
| nco_libncmd | 5.11.28 |
| nco_libngobjserv | 5.11.28 |
| nco_libDaemon | 5.11.28 |
| nco_pad | 5.11.28 |
| nco_desktop_dll | 5.11.28 |
| nco_libngtk | 5.11.28 |
| nco_g_crypt | 5.11.28 |
| nco_ssl_migrate | 5.11.31 |
| nco_g_objserv_bi | 5.11.28 |
| nco_patching | 5.11.28 |
| nco_store_resize | 5.11.28 |
| nco_dbinit | 5.11.28 |
| nco_elct | 5.11.28 |
| nco_libnproc | 5.11.31 |
| nco_eventlist | 5.11.28 |
| nco_conductor | 5.11.28 |
| nco_check_store | 5.11.28 |
| nco_crypt | 5.11.28 |
| libncrypt | 1.0.5 |
| nco_libnregion | 5.11.28 |
| nco_libnstore | 5.11.28 |
| nco_get_login_token | 5.11.28 |
| nco_ping | 5.11.28 |
| nco_network_ipv6 | 5.11.28 |
| nco_libniduc_server | 5.11.28 |
| nco_g_objserv_uni | 5.11.28 |