Name: 7.2.1.2-TIV-NCOMNIbus-FP0002
Before installing this fix, ensure that all Tivoli Network Management applications installed in $NCHOME have been shutdown.
Enter the following command to install this fix interactively, replacing the arch placeholder with the string identifying your platform:
$NCHOME/install/ncisetup -install 7.2.1.2-TIV-NCOMNIbus-arch-FP0002.jar
Enter the following command to install this fix non-interactively, replacing the arch placeholder with the string identifying your platform:
$NCHOME/install/ncisetup -install 7.2.1.2-TIV-NCOMNIbus-arch-FP0002.jar -silent
Before installing this fix, ensure that all Tivoli Network Managment applications on your computer have been shutdown.
Extract the contents of 7.2.1.2-TIV-NCOMNIbus-win32-FP0002.zip into a temporary location, and double-click setup.exe to install this fix.
The following defect solutions are included in this release:
A Tivoli Netcool/OMNIbus component that has been installed as a service on Windows can be run from the command line if the service is stopped. Command-line arguments that were specified during the installation of the service are merged with the arguments specified on the command line. In case of conflict, precedence is given to the arguments specified on the command line. The console output now displays those arguments that have been merged.
Three columns that were added to the alerts.status table for IBM Tivoli Network Manager were missing from the default ObjectServer gateway mapping files. In addition, some of the mapping commands for the Tivoli Network Manager columns were incorrect.
The following columns have been added to the map files.
'NmosDomainName' = '@NmosDomainName',
'NmosEntityId' = '@NmosEntityId',
'NmosManagedStatus' = '@NmosManagedStatus' ,
Use the following setup for the Tivoli Network Manager columns in the .map file for both the unidirectional and bidirectional ObjectServer gateways.
'NmosSerial' = '@NmosSerial',
'NmosObjInst' = '@NmosObjInst',
'NmosCauseType' = '@NmosCauseType',
'NmosDomainName' = '@NmosDomainName',
'NmosEntityId' = '@NmosEntityId',
'NmosManagedStatus' = '@NmosManagedStatus' ,
'LocalNodeAlias' = '@LocalNodeAlias' ON INSERT ONLY,
A memory corruption that caused ObjectServer gateways to fail intermittently on Windows operating systems has been fixed.
The ObjectServer was not passing the value specified for the group ID of an external procedure to the process agent. This meant all processes were run with the group ID set to 0. This is now fixed.
Unusually long SQL conditions caused the stack to overflow. The stack size has been increased to accommodate this issue.
The ObjectServer gateway generated errors and failed to resynchronize when the IDUCFlushRate property was set to a value greater than 0 and the flush rate was faster than the amount of time taken to perform the resynchronization. This is now fixed.
On Linux on System z, running external procedures could cause the ObjectServer to fail. This has been fixed.
A probe that was configured to use circular store-and-forward functionality replayed its history with each polling cycle when a virtual ObjectServer definition was used for the Server property. This is now fixed.
When either the unidirectional or bidirectional ObjectServer gateway was configured to transfer alerts.journal table data from a V3.6 or earlier ObjectServer to a V7.2 ObjectServer, the gateway failed. This has been fixed.
Probes can be configured to use the legacy store-and-forward or circular store-and-forward option by using the following property:
StoreAndForward: [ 0 | 1 | 2 ]
Type: INTEGER
Default Value: 1
The values are represented as follows:
0 - Do not use store-and-forward
1 - Legacy store-and-forward
2 - Circular store-and-forward
Netcool/OMNIbus Administrator (nco_config) now correctly differentiates between parameters and literal host names when configuring ObjectServer external procedures.
When running nco_pad with the default option '-authenticate UNIX', it was not possible to use passwords that had been protected with the nco_pa_crypt utility. This affected the ObjectServer PA.Password property when nco_pad was running in secure mode, and also affected connections from nco_pa_* utilities. This has been fixed.
A communication failure that occurred between the proxy server and clients running on a different endian architecture has been fixed. One example of this problem occurred between a probe running on a Windows x86 operating system, and a proxy server and ObjectServer running on a UNIX (PPC, SPARC) operating system.
Previously, an SQL interactive interface (nco_sql) client was unable to connect to the ObjectServer when connecting from a proxy server. This has been fixed.
Previously, running the Confpack utility (nco_confpack) from the Korn shell caused an "Out of Memory" error. This has been fixed by increasing the amount of memory available to the JVM.
On Windows, if an event list had dual write connection to two ObjectServers (for example, called MASTER and DISPLAY), the transient event list failed to open on MASTER when run from the command line. This has been fixed.
On Windows, the nco_elct utility could fail if load balancing was used on the desktop server. This has been fixed.
When two ObjectServer clients executed QUERY and SEND MESSAGE concurrently, there was a remote chance of a deadlock. This has been fixed.
Store-and-forward (SAF) functionality in the Probe API is
enhanced to minimize event loss during ObjectServer failover. If
a connection to an ObjectServer is lost, when the probe connects
to the backup ObjectServer, the probe replays the last
RollSAFInterval seconds of events to the ObjectServer.
The following new properties have been added to the libOpl
library:
1)
RollSAFInterval:90
Type: INT
Value: >= 1.5 * Granularity of ObjectServer in failover pair
Purpose: Specifies the time interval in seconds after which the
SAF file is rolled over to the next file. This should be set to a
value that is greater than the granularity of the ObjectServer to
minimise event loss. The default is 90s.
2)
SAFPoolSize : 3
Type: INT
Value: >0
Purpose: Specifies the number of files in the pool that can be
used to store events when the probe is running in SAF mode.
The ObjectServer changes required for this functionality to work
include:
1) Add a new column ProbeSubSecondId (int) to the alerts.status
table in a failover pair of ObjectServers.
The default value for this field is 0. The probe will assign the
incremented value to the ProbeSubSecondId field for those events
that have the same LastOccurrence value.
2) Add the ProbeSubSecondId column to the gateway map.
3) Replace the deduplication trigger in the failover pair of
ObjectServers as follows:
create or replace trigger deduplication
group default_triggers
debug false
enabled true
priority 1
comment 'Deduplication processing for ALERTS.STATUS'
before reinsert on alerts.status
for each row
begin
if ( (old.LastOccurrence > new.LastOccurrence) or ( (
old.ProbeSubSecondId >= new.ProbeSubSecondId)
and (old.LastOccurrence = new.LastOccurrence) ) ) then
cancel;
else
set old.Tally = old.Tally + 1;
set old.LastOccurrence = new.LastOccurrence;
set old.StateChange = getdate();
set old.InternalLast = getdate();
set old.Summary = new.Summary;
set old.AlertKey = new.AlertKey;
set old.ProbeSubSecondId = new.ProbeSubSecondId;
if (( old.Severity = 0) and (new.Severity > 0))
then
set old.Severity = new.Severity;
end if;
end if;
end
Known Issue:
Circular store-and-forward functionality does not behave as expected on ObjectServer failback if a probe is configured to use a virtual ObjectServer definition for the Server property.
Workaround:
Configure the probe to use a primary ObjectServer for the Server property and a backup ObjectServer (with BackupObjectServer: TRUE) for the ServerBackup property.
The Windows Filter Builder did not handle strings containing escaped single quotes correctly. This has been fixed.
On HP-UX, host names were truncated to 8 characters, which was causing the Oracle Gateway to fail. This has been fixed.
When running the Windows event list with the -config command-line option, opening remote event list configuration (.elc) files by using FTP could fail. This has been fixed.
The default directory for the process agent running as a Win32 service is now OMNIHOME/log. Unless otherwise specified, this will also be the default working directory of any child processes that are spawned by the process agent. Previously, the working directory was %SYSTEMROOT%\win32.
The ObjectServer gateways no longer exit when an invalid transfer command is received. Previously, issuing the command "TRANSFER 'tablename' FROM NCOMS TO NCOMS1;" via nco_sql, could cause the process to exit. This issue has been fixed.
On Windows, it is possible to use the SIGHUP signal to make probes re-read their rules files. This only works for probes running under process control. Use the Netcool/OMNIbus Administrator GUI to generate the SIGHUP signal.
The process agent now logs the failure to resolve reverse host name lookup of an IPv6 address only as a WARNING. Previously, it was logged as an ERROR although the program was able to continue.
When using the SSL certificate migration tool nco_ssl_migrate with the -auto option to migrate the digital certificate of an ObjectServer from V3.6 to V7.2.1 on Windows, the properties file for the ObjectServer could not be located. This has been fixed.
If a host name was specified in the process agent configuration file and it failed to resolve, the error message would be logged at the informational level. This has been raised to the warning level.
When using the SSL certificate migration tool nco_ssl_migrate with the -auto option to migrate the digital certificate of an ObjectServer on UNIX, ObjectServer entries that had both SSL and unencrypted ports configured could not be processed. This has been fixed.
A new "-elc" command-line option is added to NCOConductor.exe. This option affects all the event list instances invoked from the Conductor menu for that instance of the Conductor. This feature provides similar functionality to the "-config/elc" option of the event list.
When the ObjectServer is run on Windows 2003 and IPv6 is installed, IDUC connections might fail when connecting using IPv4. This has been fixed.
The SSL certificate migration tool (nco_ssl_migrate) now expands environment variables from the Ipc.SSLCertificate or SSLCertificate properties when performing automatic migration. Any environment variable (for example, ENV) will be expanded if it takes the following form:
$ENV
${ENV}
%ENV% (Windows only)
UNIX environment variables are case-sensitive. Windows environment variables are not case-sensitive.
If the "-fromnchome" or "-fromomnihome" command-line options are supplied, these are used as the environment variables for NCHOME and OMNIHOME respectively. See below for the order in which the variables are used:
NCHOME: "-fromnchome", "-fromomnihome"
OMNIHOME: "-fromnchome"/omnibus, "-fromomnihome"
A new property has been added to the ObjectServer: RestrictionFiltersAND -restrictfiltersand
This property controls how user restriction filters and group restriction filters are concatenated. The property is set for the system and not per user. Changes to the property come into effect only after the ObjectServer is restarted. The default setting is "true". The values for this property are as follows:
false: All restriction filters are combined using the OR operator. For example, user_rf OR group1 OR group2.
true: All restriction filters are combined using the AND operator. For example, user_rf AND group1 AND group2.
This internal update is in preparation for updates to some gateways on the Windows platform.
All Netcool components can now be installed as Win32 services, even when installed with arbitrarily long command-line arguments.
The following permissions are added to the default AlertsGateway role. This prevents "permission denied" errors being logged when ObjectServer gateways connect to the ObjectServer as a user belonging to the Gateway group.
grant select on table master.servergroups to role 'AlertsGateway';
grant insert on table master.servergroups to role 'AlertsGateway';
grant update on table master.servergroups to role 'AlertsGateway';
grant delete on table master.servergroups to role 'AlertsGateway';
grant raise on signal gw_counterpart_down to role 'AlertsGateway';
grant raise on signal gw_counterpart_up to role 'AlertsGateway';
grant raise on signal gw_resync_start to role 'AlertsGateway';
grant raise on signal gw_resync_finish to role 'AlertsGateway';
These permissions are in the security.sql file, and so are automatically added to any new ObjectServers that are created using nco_dbinit.
For existing ObjectServers, the above commands must be applied to a running ObjectServer by using nco_sql or nco_config.
A number of problems relating to the processing of SQL elseif statements have been fixed.
1. A sub-select query would cache result sets when it formed part of an elseif statement in a trigger.
2. The cancel command would be incorrectly permitted in a post database action trigger when the command was contained within an elseif statement.
3. A "for each" row loop containing an insert into the table being indexed by the loop would be incorrectly permitted when the insert statement was contained in an elseif statement.
Existing triggers that should not have been permitted will be dropped when the ObjectServer is restarted. A message will be logged if any triggers are dropped.
Previously, the ObjectServer would exit if a nested subselect statement used a function. For example, the following SQL command would cause the ObjectServer to exit:
select FullName from security.users where UserID in (select UserID from security.group_members where GroupID in (select OwnerGID from alerts.status where hourofday(LastOccurrence) < 23))
This has been fixed.
The process agent (nco_pad) no longer sends service record changes to other process agents. This used to cause corruption or invalid information in nco_pa_status output, and has been fixed.
Files created using the "CREATE FILE" SQL command would have incorrect permissions on rollover. This has been fixed.
Journal entries over 250 characters in length are no longer corrupted when submitted using the Windows event list.
Integer values used in dynamic prompt tools are no longer corrupted in the Windows event list.
The UNIX event list now silently handles embedded carriage returns in external tools that previously caused execution errors.
There is no longer a memory leak in the ObjectServer when the system backup sql statement is executed.
There is no longer a memory leak in the ObjectServer when an external procedure is created.
The Event List will now check the status of the connection to the master ObjectServer before commencing a resync operation in Dual Server Desktop mode. The connection will be re-established if necessary. Previously the EventList would fail to re-establish a lost connection.
Previously, the result of the SQL to_date function could be wrong by one hour due to incorrect handling of daylight saving time. This problem has been fixed.
Under some circumstances an ObjectServer running on a Windows 2003 server with both IPv4 and IPv6 enabled would not accept connections correctly from Event Lists and gateways. This issue has been fixed.
Previously the ObjectServer failed when creating a pre-database insert trigger that passed a new.field value to a procedure. This has been fixed.
This change provides functionality in Netcool/OMNIbus libraries that is required by some probes. Users of v7.2.1 should apply this fix instead of the patch common-libncrypt-1_0.
| nco_libOpl | 5.11.33 |
| nco_libnobjserv | 5.11.28 |
| nco_libniduc_client | 5.11.33 |
| nco_libPa | 5.11.37 |
| nco_libArch | 5.11.33 |
| nco_libnetcool | 5.11.34 |
| nco_objserv | 5.11.34 |
| nco_administrator | 5.11.33 |
| nco_libncmd | 5.11.34 |
| nco_libngobjserv | 5.11.33 |
| nco_libDaemon | 5.11.32 |
| nco_pad | 5.11.34 |
| nco_desktop_dll | 5.11.37 |
| nco_libngtk | 5.11.28 |
| nco_g_crypt | 5.11.28 |
| nco_proxyserv | 5.11.34 |
| nco_confpack | 5.11.37 |
| nco_ssl_migrate | 5.11.37 |
| nco_g_objserv_bi | 5.11.33 |
| nco_patching | 5.11.28 |
| nco_store_resize | 5.11.28 |
| nco_dbinit | 5.11.34 |
| nco_elct | 5.11.37 |
| nco_libnproc | 5.11.32 |
| nco_libnipc | 5.11.34 |
| nco_eventlist | 5.11.37 |
| nco_conductor | 5.11.37 |
| nco_check_store | 5.11.28 |
| nco_crypt | 5.11.28 |
| libncrypt | 1.0.5 |
| nco_libnregion | 5.11.28 |
| nco_libnstore | 5.11.28 |
| nco_get_login_token | 5.11.33 |
| nco_ping | 5.11.28 |
| nco_network_ipv6 | 5.11.28 |
| nco_libniduc_server | 5.11.32 |
| nco_g_objserv_uni | 5.11.33 |
| nco_libOul | 5.11.33 |