Now Available: NAM 3.0 Service Pack 1
Novell Cool Solutions: Feature
Digg This -
Posted: 27 Mar 2003
Novell Account Management 3.0 Service Pack 1 was recently released with a slew of new features and enhancements.
Check out the Docs here:
Check out the Enhancement list here:
- Added "batch" ability to secure Platforms using config file statements rather than command line.
- Erroneous certificate verification failures caused by white space in the stored address have been fixed.
- Added additional logging and debugging messages.
- Throws error in installation if ASAM Master User already exists.
- Added ability to sync local UNIX password with ASAM password when user successfully authenticates against Account Management.
- Fixed crash if Tree Name cannot be retrieved.
- CertServices no longer mints certificates for clients without IP/DNS information.
- Upgrade to OpenSSL v0.9.6g
- Manager Installation: Fixed asammgr default port
- Manager Installation: Fixed service registry "double-slash" problem
- Fixed DNS problem to use DNS as a final resort to verify peer connections
- Fixed issues with Solaris resolving clients through DNS.
- Added verbose LOG messages when connects and requests fail.
- Fixed problem where directory connections were getting the alias deref and the search time out reset. Directory connections now have the default values set for each handle obtained from the directory connection cache.
- Fixed potential memory problems with product activation.
- Changed getSchema to return an error instead of success since Linux core dumps when success is returned without a schema definition.
- Certificates allows for C (country), L (locality) and DC (domain context) fields.
- Removed the requirement for SecretStore
Novell Account Management 3.0 Manager
- Enterprise users that exist due to an alias to a user now always receive events when changes are made to the user object.
- Eliminated "Error 87" messages resulting from user or group names that contain the characters "#", ",", "+", """, "\", "<", ">" or ";", or a space at the end.
- Support dynamic groups as Search objects.
- Fixed problem where object names were being shown in their URL encoded form instead of decoded form.
- Added new Search Object link to manage all Search objects for Census and Platform Sets in one location.
- Restructured Search Object Edit and Search Object Add to manage all Search objects for the Census and for Platform Sets.
- Provide a "repair mode" for recreated users and groups. Previously, if a user or group was deleted from eDir then needed to be reinstated, the recreated object caused a naming exception. Deleting the ASAM-inputGUID attribute from the Enterprise User or Group will now notify the Manager to associate the existing Enterprise User or Group with the recreated object.
- Renamed eObjectSearch to Provisioning Details
- Made all Platform Sets that a users is in show up even if there are not pending events for the user.
- The Web interface now shows when a password has been successfully stored for use with managed accounts.
- The amount of time required to complete a Trawl has been reduced.
- Added the ability to browse to a Search object to be added.
- Manager shuts down quicker if DS is unusable.
- Fixed "Insufficient Rights" error when starting or stopping a Trawl and authenticating to the Web interface.
- Event processing now works when the Manager is running on a machine that also has Active Directory installed.
- Events and Platform associations that exist for obsolete Platforms are removed during a Trawl.
- Fixed crashes that occurred during phase 4 of the Trawl if there was a Platform Set with no associated UIDGID Set and at least one UIDGID Set existed.
- Updated links for editing/adding Search objects on Census and Platform Set pages to use new SearchObjectEditAll/SearchObjectAddAll.
- Fixed problem where Platforms were not being displayed for a Platform Set.
- Convert passwords to lower case when sending to Platform.
- If an object is marked as deleted, but not yet removed by Object Services, then EJS will send a delete event to the Platform on full-sync or check modes for that object.
- EJS now forces loginDisabled to be sent to the Platform. If no value exists for the loginDisabled attribute or the attribute does not exist in the directory, then a value of FALSE will be sent to the Platform for that attribute.
- Added reason field to events so that errors can be displayed using the Web interface.
- Improved full-sync performance and memory usage for EJS.
- New event notification is now sent immediately to Platforms running in Persistent Mode when error events are resent using the Web interface.
Novell Account Management 3.0 Agent
- Fix for Novell Client Password Intercept events from "wrong" tree.
- No longer pushes cached password (in chkpasswd).
- Fixed truncated member list problem for listgroupmembers and listseqv
- Use DNS only if necessary to verify a client.
- Fixed memory leak
- UNIX: During Installation, changed non-portable 'echo -n' to printf
- Bug fix for crash when we get something unexpected on port 2000
Novell Account Management 3.0 DirXML Event Listener
- Add Solaris Event Listener
- Add Account Management version and build number to driver identification.
- Set default timeouts to 10 seconds.
- Added connect, read, and write timeout parameters that will be used for the SSL communication with the Manager.
Novell Account Management 3.0 Platform Receiver
- Send both "Surname" and "SN" XML tag/values to the Platform Receiver.
- Added support for multi-valued attributes.
- Use formalized functions for retrieving events using callbacks to improve performance.
- Improved full-sync performance and memory usage.
- Automatic retry-on-error search routines for better error recovery.
- Added support to expire passwords or unexpire passwords based on values in eDir. Manager's User Attribute panel needs passwordExpirationTime and passwordExpirationInterval.
- Log stats when the receiver ends.
- Changed to use the connect and write timeouts set in the Platform Configuration file.
- If a Platform Receiver is already running, the receiver will now log a message containing the process id of the receiver that has control for the Platform.
- During a Platform Receiver restart, the Manager may not have processed the Platform Receiver shutdown event by the time the Receiver is restarted, and may erroneously report, in the log specified by SYSLOGFACILITY, "PRCV012W A Platform Receiver is already active for Platform <platformname>, PID=<pid_number>. You may have to wait up to a maximum of 180 seconds before you can start another receiver." Try starting the Platform Receiver after a delay.
- Windows: Corrected problem with parsing asamwin.conf and asamplat.conf.
- Windows: Added code to add users/groups if they have been deleted from ad/domain but exist in eDir when a full sync is run.
- Windows: Added support for eDir to AD attribute mapping in a conf file.<br>Attributes still have to be added to the Manager's User Attribute panel and to the DirXML subscriber filter.
- Windows: Corrected problems with RemoveFromGroup when users are in a different container from the group.
- Windows: Added Password Only scripts so that AM password synchronization can be used with standard DirXML AD and NT drivers.
- UNIX: fixed TYPE evaluation in platformverfiyandmapname.sh
- UNIX: move debug flags to top of files, fixed some variable evaluations in platformverifyandmapname.sh, pendeluser.sh and platformgroupaff.sh
- UNIX: was calling LOG_MAUDRaddUserFailed when should have been calling LOG_MAUDRaddGroupFailed
Novell Account Management 3.0 Platform Services Process
- PSP returns HTTP_INTERNAL_SERVER_ERROR when can't contact an Agent
Novell Account Management 3.0 Platform Client API
- ASC_NOTIFYPASSWD now sends the active eDir tree.
- Added AdminResetPassword to ActiveX control.
- Client API doesn't parse DOM document when HTTP error is not HTTP_OK
- Added new private API call ASC_GETPROPERTY that will allow a caller to retrieve a GCS property.
- Add in support for updatepassword and passwordsource configuration directives to support UNIX local password sync on successful authentication.
- Fix problem with revoked users, now PAM account module works properly
Novell Account Management 3.0 Novell Client Password Intercept
- Novell Client Password Intercept now sends the active eDir tree.
- Updated installation to support file copy for Windows 95, NT4.0.<br>Also, added more robust messages if something goes wrong.
- Add parm for treename to the Notify Change Password
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com