History of Issues Resolved for Novell iManager 2.7
This document (7010166) is provided subject to the disclaimer at the end of this document.
Issues resolved in iManager 2.7 SP7 Patch 6
- Sun JRE updated to 1.8.0_66 (Bug 961541)
The primary focus of this patch was to support IDM 4.5.3.
Issues resolved in iManager 2.7 SP7 Patch 5
New Platform support: SLES11 SP4, Redhat 6.7, RHEL & 7.1 (Bug 942873)
New browsers versions tested: Mozilla 40, Google Chrome 44, 45 and Microsoft Edge
- Reflected Cross Site Scripting (XSS) vulnerability (Bug 904674)
- IE11: clicking next in browse tab under view objects causes browser to logout (Bug 925484)
- When viewing an rbsMember the full FQDN is not displayed (Bug 919285)
- Adding or removing a static member from a nested group removes the security equals for existing users (Bug 912513)
- javax.servlet.ServletException when changing configuration changes (Bug 907024)
- IDM tasks are greyed out after reinstalling modules into RBS (Bug 870937)
- Selection filter fails to find user objects with Polish characters in their name (Bug 867631)
- iManager upgrades were not saving the old configuration details (Bug 843774)
- Sun JRE updated to 1.8.0_60 (Bug 934859)
- PKI: Enhancement: default certificates now created using the SHA2 signature algorithm if the CA is changed to SHA2 (Bug 940809)
- ICE Wizard: exporting data results in a java.lang.NullPointerException error (Bug 921636)
Issues resolved in iManager 2.7 SP7 Patch 4
New Platform support: Redhat 6.6 (Bug 912823)
New browsers versions tested: IE11, Firefox 34.0.5 & Chrome 10 (Bug 911549)
- Reflected Cross Site Scripting (XSS) vulnerability (Bug 904674) (CVE-2014-5216)
- OES Branch: imanauthentication returns 200 to HEAD method instead of 403 (Bug 875982)
- Cross site Request Forgery (Bug 904679) (CVE-2014-5217)
- NAM: defaults should be remember login credentials = disabled and hide reason for login failure = enabled (Bug 908810)
- Not able to access Samba Plugin with iManager 277 Patch 3 (Bug 910241)
- Latest wbem.jar included from novell-wbemservices (Bug 915132)
- Enhancement: updated to Java 8 (Bug 907433)
- RegEX validation on Multivalued Attributes happens on the wrong attribute (Bug 903969)
- iManager group plugin throws an error if there are unspecified addresses (Bug 865164)
- File Overwrite Vulnerability in schema plugin (Bug 858107)
- XXS vulerability found in schema plugin (Bug 858132)
Issues resolved in iManager 2.7 SP7 Patch 3
- Security Vulnerability: XML eXternal Entity Injection (XXE) (Bug 904669)
- Object Selector and History buttons missing after applying 220.127.116.11 (Bug 865938)
- Security Vulnerability: Poodle vulnerability in Tomcat (Bug 903782) (CVE-2014-3566)
- Security Vulnerability: Integer overflow (Bug 881886) (CVE-2014-0075)
- Security Vulnerability: DefaultServlet.java does not properly restrict XSLT stylesheets (Bug 881886) (CVE-2014-0096)
- Enhancement: iManager 2.7 SP7 now supports SLES12 & Redhat 7 (Bug 907305/895039)
- Removed messages indicating no support for RHEL 5.10 & 5.11 (Bug 905447)
- Removed platforms.xml and its dependancies to allow installation on all platforms (Bug 903433)
- Jcache process unable to start on a Integrated installer setup (Bug 895980)
- JDK version updated to 1.7.0_72 (Bug 895209/892887)
- Certificate Server plugin not getting installed when using the integrated installer (Bug 884239)
Issues resolved in iManager 2.7 SP7 Patch 2
- Provides new browser support: Safari 7, Firefox 32 and Chrome 37 (Bug 897231)
- Java script issue where "Force periodic password changes" on Chrome and Safari resets value to 0 (Bug 889413)
- Help icon does not correctly link to the help page (Bug 880036)
- /etc/eMFrameInstall.properties file not updated when upgrading (Bug 889643)
- Icon cleanup (Bug 889343\884494)
- Old eDirectory SDK's included in Patch 1 (Bug 883509)
- Unnamed Execute Custom Code seen during patch install (Bug 814175)
- Handshake errors: platform agent modified to use stronger cypher in certificate (Bug 890686\896140) (TID 7014219)
- Appenders attempt to contact server even if XDAS is not configured (Bug 855363)
Plugin (standalone build: 2.7.20140903)
- New site created for getting the latest iManager plugins: https://www.netiq.com/support/imanager/plugins (Bug 829879)
- XDAS plugin: "Error: Failed to update the database" when selecting the Novell Audit tabe (Bug 855872\857007)
Issues resolved in iManager 2.7 SP7 Patch 1 Hotfix 1
- Security Vulnerability: SSL/TLS MITM (Bug 881950\882376) (CVE-2014-0224)
- Security Vulnerability: Recovering OpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack (Bug 881950) (CVE-2014-0076)
Issues resolved in iManager 2.7 SP7 Patch 1 (and eDirectory 8.8 SP8 Patch 1 plugins)
Tomcat 7.0.42\Java 1.7.0_25
- New platform support: Windows 2012 R2 for iManager server and Windows 8.1 for iManager workstation (Bug 854635)
- New browser support: Firefox 25 & 26, Chrome 30 & 31 and IE 11 (non-Metro compatibility mode) (Bug 854635)
- IDM plugin not working with iManager 2.7.7 (Bug 848425)
- Core: 'Unvalued' attributes show the wrong attribute (Bug 824571)
- Obj Mgt: Users are created with uniqueID instead of CN as naming attribute if LUM enabled user is used as template and "Create home directory" is selected (Bug 825419)
- Documentation: admin guide re-written. iManager Event table added. (Bug 722460)
- SLES10 SP4 32-bit has been dropped as a supported platform (Bug 826395)
- Audit: XDAS event format should be consistent across standalone and OES iManager (Bug 841808)
- Audit: syslog host preconfigured with 192.168.1.5:1468 (Bug 851922)
- Audit: XDAS auditing now bundled in OES11 SP2 (Bug 841774)
- Audit: All sub events should be de-selected when XDAS audit is disabled (Bug 842007)
- ZENworks 7.0 Server Management plugin is no longer supported on iManager (Bug 837414)
- Netstorage and iFolder plugins should only be listed for Linux machines not Windows (Bug 838442)
- Some OES plugins are not working with iManager 2.7 SP7 (Bug 842238)
- Now adding wbem.jar from novell-wbemservices rpm so Storage Management plugin will work (Bug 843203)
- XDAS audit: setting MaxFileSize to 1MB and MaxBackupIndex to 0 results in only one event getting written (Bug 842045)
- Clicking "Next" after Searching in "View Objects" causes IE to redirect to Login Screen (Bug 850120)
- 192.168.1.5:1468 automatically added as syslog host (Bug 851922)
- Localization fix in installation (Bug 838381)
- Simplified Chinese localization fix for help - displayed as question marks (Bug 835600)
Issues resolved in iManager 2.7 SP7 (Standlone - non-OES - only)
Tomcat 7.0.42\Java 1.7.0_25
- Enhancement: iManager now supports a pure IPv6 configuration (Bug 818534/827733/825625)
- Enhancement: iManager now has XDAS event capability (Bug 823591\827280)
- Tomcat hardening: Removed host-manager & manager folders from tomcat zip file (Bug 792595)
- Tomcat updated to 7.0.42 (Bug 819968)
- JAVA updated to 1.7.0_25 (Bug 829440\811775)
- Workflow Administration Plugin no longer works after upgrading to iManager 2.7.6 (Bug 828335)
- Install: RHEL 5.7, 5.8, 5.9 and 6.3 platform installations returning "Unsupported Platform" error (Bug 798232/829873/830560)
- NICI: NICI upgraded to the latest version: 2.77 (18.104.22.168) (Bug 822795)
- Plugin Studio: 'HTML Area' attribute's control properties are not working (Bug 829174)
- Plugin Studio: default value for attributes should only appear if there are no other values (Bug 501094)
- TextAreas is being displayed over 8 rows tall (Bug 760559)
- Error: -601 with extended characters and object selector when viewing effective rights (Bug 815627)
- Removed unnecessary files and folders (Bug 818734)
Issues resolved in iManager 2.7 SP6 Patch 1 - Hotfix 2
August 2013 - OES: November 2013
Tomcat 7.0.32\Java 1.7.0_04
- Unable to access a cluster from the cluster plug-in (Bug 826578)
- Invalid DER file after exporting CA object certificate using iManager 2.7.6 (Bug 828129)
- Error with extended characters and object selector (Bug 815627)
- Create new Server Certificate task logs user off the iManager (Bug 834675)
- OpenSSL is not accepting the format of exported certificates after applying 2.7.6 patch 1 (Bug 827706/830992)
- Exporting certificates results in a corrupted file (Bug 835108)
Issues resolved in iManager 2.7 SP6 Patch 1 - Hotfix 1
May 2013 - OES: November 2013
- Error: -613 'unexpected results have occurred' is seen when users change their passwords (Bug 817422) (TID 7012403)
Note: Both this patch as well as eDirectory 8.8 SP7 Patch3 is required to fully resolve this issue.
Issues resolved in iManager 2.7 SP6 Patch 1
April 10, 2013 - OES: November 2013
Tomcat 7.0.32. and Java 1.7.0_04
- Installer for iManager patches is now available (Bug 803961)
- Security Vulnerability: iManager vulnerable to XSS Request Forgery (Bug 726260) (CVE-2013-1088)
- Security Vulnerability: Token is not refreshed after logout (Bug 807429)
- Check for supported platforms (Bug 809290)
- Only 128 files/folders are displayed in the Files and Folders list in 'Rights to Files and Folders' (Bug 790645-8873-Jclient\799773-2761-iManager)
- Plugin Studio: Plugins with special characters in the id does not work after upgrade to iManager 2.7.5 (Bug 789981)
- Windows 8 support (Bug 809133)
- IE 10 support (Bug 800490)
- iManager: Changing languages reverts localization to English (Bug 785999)
- Other localization fixes (Bug 795849)
- Redirection after logout going to iManager login screen no matter what URL is put in (Bug 505804)
- Using a password already in the password history would return a non-meaningful -216 error (Bug 769509)
- iManager: After changinglanguages previous iManager configurations are set back to default (785999)
- OES: Unable to uninstall iprint linux management plug (Bug 791172)
Issues resolved in iManager 2.7 SP6
December 6, 2012
Tomcat 7.0.32/Java 1.7.0_04
- New installer\upgrader (Bug 774338)
- iManager check for unsupported platforms and ability to add new ones (Bug 770076\779956)
- Windows 2012 support (Bug 791868)
- IE 10 support - compatibility mode (Bug 770577\791870)
- Can now enable and disable Identity Manager view as Default view (Bug 787785/784418)
- iManager doesn't delete temporary jsp files of auxilary class (Bug 786708)
- Added ability to manage more than 999 objects in a container (Bug 758374)
- Error 404 after installing to a Red Hat 6.2 server (Bug 765594\777108)
- After changing the syntax of an attribute the "other" tab still shows old syntax (Bug 786435)
- iManager 2.7.5 crashes when extending an object with an aux class (Bug 778255)
- Java updated to 1.7.0 u4 (765023)
- Tomcat updated to TC7 (Bug 764710)
- NICI updated to 2.7.6 (Bug 777985)
Bugs 787518 and 787331
- Bugs 766726, 787785, 777987, 771660, 773445, 753716 and 784856
Issues resolved in iManager 2.7 SP5
April 30, 2012
Tomcat V 5.5.28/JRE 1.6.0_18
- Many localization fixes
- Safari support (Bug 755987)
- Integer 64 support (Bug 751818)
- Audit: treename missing from events (Bug 753492)
- Object view: Unable to correct or alter the load and unload scripts of the Master_IP_Address (Bug 753319)
- When creating a device object the child window does not close (Bug 752995)
- Only display the last installed patch\support pack (Bug 751084)
- RBS Configuration: Configure iManager - RBS - selecting dynamicgroupobjectsaux for the dynamic group search type throws error (Bug 744957)
- JDOMParseException when creating a profile object (Bug 741273)
- Schema Management: Unable to edit schema OID with imanager 2.7.4 on SLES 11 (Bug 722246)
- Security vulnerability: server will reject requests to change the method from POST to GET (Bug 726265)
- Security vulnerability: Tomcat must generate a new session id with each successful authentication (Bug 726257)
- iManager upgrades do not backup/restore key configuration files (Bug 638542)
Issues resolved in iManager 2.7 Refresh 6
April 27, 2012
- Vulnerability was found and fixed in Java1.6.0_31 (Bug 749515)
- Updated Tomcat from 5.5.34 to 5.5.35 to include security vulnerability fixes (Bug 747547/669846)
- Install fails on SLES11 SP2 (Bug 745517)
- Installing a Framework patch break existing IDM plugins (Bug 736254)
Issues resolved in iManager 2.7 SP4 Patch 4
Tomcat V 5.5.28/JRE V 1.6.0_18
- Performance degrades when multiple users access iManager (Bug 632217)
- iManager should not allow MEDIUM/LOW/EXPORT/Not encrypted cipher levels (Bug 674747)
- After restarting Tomcat, RBS collection owner is only logged in with assigned access (Bug 721112)
- iManager ignores search base for authentication (Bug 707073)
- iManager is resolving objects to a server with a replica of root rather than locally (Bug 712602)
- Long delays when clicking on the " Other " tab in Modify Object View (Bug 714042)
Object Search and Selection
- Long delays when selecting NCP objects in Directory Administration --> Modify Object (Bug 718116)
- Objects with a slash / in the DN are not displayed in the simple selection list (Bug 700609)
- Custom plugin fails to function while modifying the attribute values (Bug 718319)
- Selecting Roles and Tasks --> Users --> Enable Account/Disable Account resulted in a default value of uniqueID rather than Common name (Bug 695519)
- Users see all roles when only assigned to one role the first time logging into iManager (Bug 709962)
- iManager showing earlier patches as available (Bug 642088/659793 )
- FireFox 9.0.1 support added.
Issues resolved in iManager 2.7 SP4 Patch 3
JRE V 1.6.0_18 and Tomcat V 5.5.28
- An auxiliary class can now be added to other classes if one of the mandatory attributes of this auxiliary class is an optional attribute for other classes.
- posixAccount can now be added to a user object.
- The word wrapping works properly when you edit a login script in iManager.
- The following security issues have been resolved:
- XSS reflect and XSS store security vulnerabilities.
- SQL injection attacks.
- FireFox 4.0.1 and Microsoft Internet Explorer 9 web browser support added.
Issues resolved in iManager 2.7 SP4 Patch 2
- iManager mobile, after installing latest plugins, still shows newer ones are available (Bug 682743)
- All available ciphers are now displayed in the Configure iManager - Encryption section (Bug 654459)
- Groupnames with FDNs up to 128 characters can now be viewed in the Group Memberships tab (Bug 653109)
- iManager was not remembering the username after checking the option to remember login credentials (Bug 655527)
Issues resolved in iManager 2.7 SP4 Patch 1
- Getting a blank page when trying to access the device manager console using Microsoft Internet Explorer 8 (Bug 656741)
- Security vulnerability resolved in Tomcat 5.5.30
Issues resolved in iManager 2.7 SP4
TC 5.5.29/JRE 1.6.0_20
- Security vulnerability: iManager stack buffer overflow (Bug 602542)
- Security Vulnerability: iManager off-by-one DoS (Bug 602557) (Secunia Advisory SA40281)
- Update to Tomcat 5.5.29 to address multiple vulnerabilities (Bug 608635/550668)
- Installation on SLES 11 is now supported (Bug 582765)
- Security Vulnerability: OpenSSL Handshake renegotion of existing connections (Bug 626751) (CVE-2009-3555)
- User adds now correctly reported to collector (Bug 471688)
- After successful uninstall of iManager 2.7, reinstall of iManager reports failure (Bug 388999)
- IDM 3.6 plugins stop working on windows (Bug 471758)
- Unable to add, modify, or view the photo attribute for a user object (Bug 494093)
- Adding a group to a template object gives error and does not update group membership (Bug 550567)
- Simple Selection sort does not work (Bug 546952)
- History now available to all plugins that support less than 12 object types (Bug 512239)
- Namespace Error when replacing single-valued DN attribute using Mutliple Object selector (Bug 546947)
- IDM 3.6.1 plugin installation taking too much time to complete (Bug 485943)
- Simple search favorites feature is available.
- Security vulnerabilities fixed in JRE 1.6.0_20 (Bug 594697) (CVE-2010-0886/CVE-2010-0887)
- <os> tag in iman_mod_desc.xml is being ignored if there is more than one (Bug 568650)
- Hungarian translation issue (Bug 575101)
- Installing patch will fail with a bogus message about a previous patch now being un-installed (Bug 607185)
- Plugin Studio Security Vulnerability: privileged user can instigate a DOS under the context of the service (Bug 608531)
- Plugin Studio: Audit log now properly shows the event of uploading of an npm (Bug 7608531)
- After updating the PKI plugin it loads with a JAVA error (Bug 557400)
- Error: " Unable to create AdminNamespace.java.lang.NoClassDefFoundError " when logging in (Bug 566473)
- Modify of Multiple objects fails (Bug 597690)
- Fail to perform multiple operations correctly (Bug 504371)
Issues resolved in iManager 2.7 SP3 FTF4
- iManager 2.7.3 FTF 3 installation hangs if earlier FTF installation files have not been uninstalled.
- Security Vulnerability - iManager stack buffer overflow - Creating a class name with more than 32 characters by using other scripts (perl / python).
- Security Vulnerability - iManager off-by-one DoS - If login request is sent with a Tree field length of 256 characters.
- Security Vulnerability - CVE-2009-3555 - OpenSSL Handshake renegotiation of the existing connections.
- Privileged User can instigate a DoS under the context of the service. (No Trace) - Providing Auditing and logs while authorized users upload the npm files.
- In addition to the existing platforms and Web browsers, iManager 2.7.3 FTF 4 supports Windows 7 (32-bit and 64-bit), Windows 2008 R2 platforms, and Internet Explorer 8 (IE 8).
- “Hide” and “Show Hidden” Buttons in the Available Novell Modules Page
- Preferred Object Selection Method for a Task of a Property Book
- Ability to Add Organizational Role to the Authorized Users and Groups List
- iManager Caches Login Information for Faster Login
- Ability to Configure the Proxy by using DNS
Issues resolved in iManager 2.7 SP3 FTF3
- Delay in the next login attempt after a login failure.
- The Case Ignore List adding multiple attribute values to a single attribute.
- Unauthenticated files that get uploaded onto Access Manager.
Issues resolved in iManager 2.7 SP3 FTF2
- The security vulnerability issue faced during installation of external plug-ins.
Issues resolved in iManager 2.7 SP3 FTF1
- The Others tab while modifying user is empty with iManager 2.7.3.
- Cannot browse/select objects from IE 8 browser.
- In IE 8, the iManager Tree view option was not listing.
- iManager plugin fails to uninstall cleanly.
- Objects created with alternate naming attribute in some cases.
Issues resolved in iManager 2.7 SP3
- Error message for deleting obvject is not localized.
- Configure iManager task is not displayed for the member of a nested group which is an Authorized user.
- Plug-ins are not removed when you select Select all plug-ins option in the Available Novell Plug-in Modules page, deselect one or more plug-ins in the list, and click Remove.
- iManager (2.7 with Tomcat 5.5) login screen, by default, has Autocomplete enabled which results in security vulnerability.
- Replace option under the Identification tab of the Modify User page does not work.
- Large number of XSS vulnerabilities exist in iManager 2.7.
- iManager 2.7.2 removes RBS collection ownership for a user when the user is added to / removed from a group object.
- Plug-in allows inconsistency of group and group membership.
- A user, who has logged in to iManager through Internet Explorer, as a t1 trustee user cannot view the property pages.
- Plug-in download does not function when you add a plug-in with name same as that of one of the existing plug-ins, and rename the exiting plug-in of the same name.
- Plug-ins are not displayed because of clash between .jar files.
- Uniqueness scan does not work if a tree has more than 7000 users.
- Login script that is created with Novell client appears blank in iManager.
- iManager tree view filter does not work when you use scandinavian characters.
Issues resolved in iManager 2.7 SP2
- The TreeName Display appears to be set only by the Roles and Tasks view instead of the Header Display. (395379)
- iManager 2.7.2 allows plug-ins with Max-iManager-Version set to 2.7.0 to be installed in it.
- The user cannot log in to iManager if he/she doesn?t have Public Browse Entry right.
- Password Policies assignment list is not sorted. It is difficult for the user to navigate and validate individual assignments when the size of list increases.
- A Custom Plug-in with Photo/JpegPhoto control gives HTTP 501 error while uploading larger files.
- In the Edit Member Association page, under Role Based Services, an error page is displayed when you click a link.
- A large size description control should be added to the General Property Book page and the Create User task. (175533)
- After upgrading the iManager version to 2.7.1, Audit does not send events to the Novell Audit server, SLS.
- Simple Selection default values are wrong. (414442)
- Improper short length truncations for Members and Group Membership controls. (414803)10. iManager does not respond when you log in with a copied user object.
- Advanced Properties - Add to Create Object task is not saved in plug-in studio.
- Plug-in Studio - Ability to set Page Order exists on Property Book Pages, but is missing from Tasks for Create/Modify (353003)
- Proper Error Handling is required for Plug-in Studio Import task. The user should not get the Null Pointer Exception.
- The way the attributes with syntax case ignore list are displayed, is not useful.
- In the Modify Object dialog box, under the Members tab, unexpected characters appear in the string, Member.
- In OES 2, INVALID_ATTRIBUTE Namespace error is displayed while performing the Copy Object operation.
- In the Object Extensions task, CLASS NOT DEFINED error is displayed while adding an auxiliary class (name with serial spaces).
- Can't login if Public does not have Browse Entry rights (416327)
Issues resolved in iManager 2.7 SP1
- The TreeName Display appears to be set only by the Roles and Tasks view instead of the Header Display. (395379)
- Setting up LDAP interfaces breaks dynamic group functionality.
- Adding more than one logic group in Advanced search filter for dynamic members query are not saved.
- Cannot add multiple users to multiple groups at the same time.
- The user cannot modify the chapter and page ordering while creating a property book, and while modifying the page list of an existing property book. (336071)
- Cannot export custom plug-in using Internet Explorer.
- Security vulnerability: Any user can delete Plug-in Studio created Property Book Pages. (336168)
- Only one value on a multi-valued attribute with path syntax is displayed on Edit Attribute page.
- When you export a plug-in, the manifest.mf file doesn't include Min-imanager-version, because of which when you import it back again fails.
- Plug-in Studio's Task for Create: When creating users from these custom-created tasks, it is not making a uniqueID matching the CN. (346647)
- Cannot truly assign Property Book Pages to the Existing chapter of General. (344410)
- ASCII Values field cannot be edited in the Octet String editor.
- Excessive DS Operations while modifying objects. (308623)
- Simple Selection is broken in the Configure > Views > iManager Views task screen. (336365)
- Creation of a Volume object should have a Physical Volume name entry that is populated with all possible values.
- Configure > Views > iManager Views task is broken. (343239)
- On the Modify Object page of Directory Administration, the user's password cannot be set.
- Option to use a proxy server to download plug-ins. (96942)
- iManager-Group object could define a Collection Owner.
- iManager 2.7 Octet String Editor does not work.
- If the user changes passwords in such a way that they don't meet Universal Password Policy, proper messages are not displayed.
- System Error occurs when the user tries to edit a stream attribute containing xml data.
- Cannot add replica if the server exists as S/R replica in a ring.
- The Object View, Tree, and Browse tabs return unsorted results.
- Specific files that the user wants to browse for, are not listed under View Objects-Browse view.
- The user cannot delete attributes from Auxiliary Classes by using iManager. Customer ldap scripts must be used to delete them.
This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:7010166
- Creation Date:15-FEB-12
- Modified Date:04-FEB-16
Did this document solve your problem? Provide Feedback