History of Issues Resolved for Novell iManager 2.7
This document (7010166) is provided subject to the disclaimer at the end of this document.
Issues resolved in iManager 2.7 SP6 Patch 1 - Hotfix 1
Issues resolved in iManager 2.7 SP6 Patch 1
April 10, 2013
- Security Vulnerability: iManager vulnerable to XSS Request Forgery (Bug 726260) (CVE-2013-1088)
- Security Vulnerability: Token is not refreshed after logout (Bug 807429)
- Check for supported platforms (Bug 809290)
- Only 128 files/folders are displayed in the Files and Folders list in 'Rights to Files and Folders' (Bug 790645-8873-Jclient\799773-2761-iManager)
- Plugin Studio: Plugins with special characters in the id does not work after upgrade to iManager 2.7.5 (Bug 789981)
- Windows 8 support (Bug 809133)
- IE 10 support (Bug 800490)
- iManager: Changing languages reverts localization to English (Bug 785999)
- Other localization fixes (Bug 795849)
Issues resolved in iManager 2.7 SP6
December 6, 2012
- New installer\upgrader (Bug 774338)
- iManager check for unsupported platforms and ability to add new ones (Bug 770076\779956)
- Windows 2012 support (Bug 791868)
- IE 10 support - compatibility mode (Bug 770577\791870)
- Can now enable and disable Identity Manager view as Default view (Bug 787785/784418)
- iManager doesn't delete temporary jsp files of auxilary class (Bug 786708)
- Added ability to manage more than 999 objects in a container (Bug 758374)
- Error 404 after installing to a Red Hat 6.2 server (Bug 765594\777108)
- After changing the syntax of an attribute the "other" tab still shows old syntax (Bug 786435)
- iManager 2.7.5 crashes when extending an object with an aux class (Bug 778255)
- Java updated to 1.7.0 u4 (765023)
- Tomcat updated to TC7 (Bug 764710)
- NICI updated to 2.7.6 (Bug 777985)
Bugs 787518 and 787331
- Bugs 766726, 787785, 777987, 771660, 773445, 753716 and 784856
Issues resolved in iManager 2.7 SP5
April 30, 2012
- Many localization fixes
- Safari support (Bug 755987)
- Integer 64 support (Bug 751818)
- Audit: treename missing from events (Bug 753492)
- Object view: Unable to correct or alter the load and unload scripts of the Master_IP_Address (Bug 753319)
- When creating a device object the child window does not close (Bug 752995)
- Only display the last installed patch\support pack (Bug 751084)
- RBS Configuration: Configure iManager - RBS - selecting dynamicgroupobjectsaux for the dynamic group search type throws error (Bug 744957)
- JDOMParseException when creating a profile object (Bug 741273)
- Schema Management: Unable to edit schema OID with imanager 2.7.4 on SLES 11 (Bug 722246)
- Security vulnerability: server will reject requests to change the method from POST to GET (Bug 726265)
- Security vulnerability: Tomcat must generate a new session id with each successful authentication (Bug 726257)
- iManager upgrades do not backup/restore key configuration files (Bug 638542)
Issues resolved in iManager 2.7 Refresh 6
April 27, 2012
- Vulnerability was found and fixed in Java1.6.0_31 (Bug 749515)
- Updated Tomcat from 5.5.34 to 5.5.35 to include security vulnerability fixes (Bug 747547/669846)
- Install fails on SLES11 SP2 (Bug 745517)
- Installing a Framework patch break existing IDM plugins (Bug 736254)
Issues resolved in iManager 2.7 SP4 Patch 4
- Performance degrades when multiple users access iManager (Bug 632217)
- iManager should not allow MEDIUM/LOW/EXPORT/Not encrypted cipher levels (Bug 674747)
- After restarting Tomcat, RBS collection owner is only logged in with assigned access (Bug 721112)
- iManager ignores search base for authentication (Bug 707073)
- iManager is resolving objects to a server with a replica of root rather than locally (Bug 712602)
- Long delays when clicking on the " Other " tab in Modify Object View (Bug 714042)
Object Search and Selection
- Long delays when selecting NCP objects in Directory Administration --> Modify Object (Bug 718116)
- Objects with a slash / in the DN are not displayed in the simple selection list (Bug 700609)
- Custom plugin fails to function while modifying the attribute values (Bug 718319)
- Selecting Roles and Tasks --> Users --> Enable Account/Disable Account resulted in a default value of uniqueID rather than Common name (Bug 695519)
- Users see all roles when only assigned to one role the first time logging into iManager (Bug 709962)
- iManager showing earlier patches as available (Bug 642088/659793 )
- FireFox 9.0.1 support added.
Issues resolved in iManager 2.7 SP4 Patch 3
- An auxiliary class can now be added to other classes if one of the mandatory attributes of this auxiliary class is an optional attribute for other classes.
- posixAccount can now be added to a user object.
- The word wrapping works properly when you edit a login script in iManager.
- The following security issues have been resolved:
- XSS reflect and XSS store security vulnerabilities.
- SQL injection attacks.
- FireFox 4.0.1 and Microsoft Internet Explorer 9 web browser support added.
Issues resolved in iManager 2.7 SP4 Patch 2
- iManager mobile, after installing latest plugins, still shows newer ones are available (Bug 682743)
- All available ciphers are now displayed in the Configure iManager - Encryption section (Bug 654459)
- Groupnames with FDNs up to 128 characters can now be viewed in the Group Memberships tab (Bug 653109)
- iManager was not remembering the username after checking the option to remember login credentials (Bug 655527)
Issues resolved in iManager 2.7 SP4 Patch 1
- Getting a blank page when trying to access the device manager console using Microsoft Internet Explorer 8 (Bug 656741)
- Security vulnerability resolved in Tomcat 5.5.30
Issues resolved in iManager 2.7 SP4
- Security vulnerability: iManager stack buffer overflow (Bug 602542)
- Security Vulnerability: iManager off-by-one DoS (Bug 602557) (Secunia Advisory SA40281)
- Update to Tomcat 5.5.29 to address multiple vulnerabilities (Bug 608635/550668)
- Installation on SLES 11 is now supported (Bug 582765)
- Security Vulnerability: OpenSSL Handshake renegotion of existing connections (Bug 626751) (CVE-2009-3555)
- User adds now correctly reported to collector (Bug 471688)
- After successful uninstall of iManager 2.7, reinstall of iManager reports failure (Bug 388999)
- IDM 3.6 plugins stop working on windows (Bug 471758)
- Unable to add, modify, or view the photo attribute for a user object (Bug 494093)
- Adding a group to a template object gives error and does not update group membership (Bug 550567)
- Simple Selection sort does not work (Bug 546952)
- History now available to all plugins that support less than 12 object types (Bug 512239)
- Namespace Error when replacing single-valued DN attribute using Mutliple Object selector (Bug 546947)
- IDM 3.6.1 plugin installation taking too much time to complete (Bug 485943)
- Simple search favorites feature is available.
- Security vulnerabilities fixed in JRE 1.6.0_20 (Bug 594697) (CVE-2010-0886/CVE-2010-0887)
- <os> tag in iman_mod_desc.xml is being ignored if there is more than one (Bug 568650)
- Hungarian translation issue (Bug 575101)
- Installing patch will fail with a bogus message about a previous patch now being un-installed (Bug 607185)
- Plugin Studio Security Vulnerability: privileged user can instigate a DOS under the context of the service (Bug 608531)
- Plugin Studio: Audit log now properly shows the event of uploading of an npm (Bug 7608531)
- After updating the PKI plugin it loads with a JAVA error (Bug 557400)
- Error: " Unable to create AdminNamespace.java.lang.NoClassDefFoundError " when logging in (Bug 566473)
- Modify of Multiple objects fails (Bug 597690)
- Fail to perform multiple operations correctly (Bug 504371)
Issues resolved in iManager 2.7 SP3 FTF4
- iManager 2.7.3 FTF 3 installation hangs if earlier FTF installation files have not been uninstalled.
- Security Vulnerability - iManager stack buffer overflow - Creating a class name with more than 32 characters by using other scripts (perl / python).
- Security Vulnerability - iManager off-by-one DoS - If login request is sent with a Tree field length of 256 characters.
- Security Vulnerability - CVE-2009-3555 - OpenSSL Handshake renegotiation of the existing connections.
- Privileged User can instigate a DoS under the context of the service. (No Trace) - Providing Auditing and logs while authorized users upload the npm files.
- In addition to the existing platforms and Web browsers, iManager 2.7.3 FTF 4 supports Windows 7 (32-bit and 64-bit), Windows 2008 R2 platforms, and Internet Explorer 8 (IE 8).
- “Hide” and “Show Hidden” Buttons in the Available Novell Modules Page
- Preferred Object Selection Method for a Task of a Property Book
- Ability to Add Organizational Role to the Authorized Users and Groups List
- iManager Caches Login Information for Faster Login
- Ability to Configure the Proxy by using DNS
Issues resolved in iManager 2.7 SP3 FTF3
- Delay in the next login attempt after a login failure.
- The Case Ignore List adding multiple attribute values to a single attribute.
- Unauthenticated files that get uploaded onto Access Manager.
Issues resolved in iManager 2.7 SP3 FTF2
- The security vulnerability issue faced during installation of external plug-ins.
Issues resolved in iManager 2.7 SP3 FTF1
- The Others tab while modifying user is empty with iManager 2.7.3.
- Cannot browse/select objects from IE 8 browser.
- In IE 8, the iManager Tree view option was not listing.
- iManager plugin fails to uninstall cleanly.
- Objects created with alternate naming attribute in some cases.
Issues resolved in iManager 2.7 SP3
- Error message for deleting obvject is not localized.
- Configure iManager task is not displayed for the member of a nested group which is an Authorized user.
- Plug-ins are not removed when you select Select all plug-ins option in the Available Novell Plug-in Modules page, deselect one or more plug-ins in the list, and click Remove.
- iManager (2.7 with Tomcat 5.5) login screen, by default, has Autocomplete enabled which results in security vulnerability.
- Replace option under the Identification tab of the Modify User page does not work.
- Large number of XSS vulnerabilities exist in iManager 2.7.
- iManager 2.7.2 removes RBS collection ownership for a user when the user is added to / removed from a group object.
- Plug-in allows inconsistency of group and group membership.
- A user, who has logged in to iManager through Internet Explorer, as a t1 trustee user cannot view the property pages.
- Plug-in download does not function when you add a plug-in with name same as that of one of the existing plug-ins, and rename the exiting plug-in of the same name.
- Plug-ins are not displayed because of clash between .jar files.
- Uniqueness scan does not work if a tree has more than 7000 users.
- Login script that is created with Novell client appears blank in iManager.
- iManager tree view filter does not work when you use scandinavian characters.
Issues resolved in iManager 2.7 SP2
- The TreeName Display appears to be set only by the Roles and Tasks view instead of the Header Display. (395379)
- iManager 2.7.2 allows plug-ins with Max-iManager-Version set to 2.7.0 to be installed in it.
- The user cannot log in to iManager if he/she doesn?t have Public Browse Entry right.
- Password Policies assignment list is not sorted. It is difficult for the user to navigate and validate individual assignments when the size of list increases.
- A Custom Plug-in with Photo/JpegPhoto control gives HTTP 501 error while uploading larger files.
- In the Edit Member Association page, under Role Based Services, an error page is displayed when you click a link.
- A large size description control should be added to the General Property Book page and the Create User task. (175533)
- After upgrading the iManager version to 2.7.1, Audit does not send events to the Novell Audit server, SLS.
- Simple Selection default values are wrong. (414442)
- Improper short length truncations for Members and Group Membership controls. (414803)10. iManager does not respond when you log in with a copied user object.
- Advanced Properties - Add to Create Object task is not saved in plug-in studio.
- Plug-in Studio - Ability to set Page Order exists on Property Book Pages, but is missing from Tasks for Create/Modify (353003)
- Proper Error Handling is required for Plug-in Studio Import task. The user should not get the Null Pointer Exception.
- The way the attributes with syntax case ignore list are displayed, is not useful.
- In the Modify Object dialog box, under the Members tab, unexpected characters appear in the string, Member.
- In OES 2, INVALID_ATTRIBUTE Namespace error is displayed while performing the Copy Object operation.
- In the Object Extensions task, CLASS NOT DEFINED error is displayed while adding an auxiliary class (name with serial spaces).
- Can't login if Public does not have Browse Entry rights (416327)
Issues resolved in iManager 2.7 SP1
- The TreeName Display appears to be set only by the Roles and Tasks view instead of the Header Display. (395379)
- Setting up LDAP interfaces breaks dynamic group functionality.
- Adding more than one logic group in Advanced search filter for dynamic members query are not saved.
- Cannot add multiple users to multiple groups at the same time.
- The user cannot modify the chapter and page ordering while creating a property book, and while modifying the page list of an existing property book. (336071)
- Cannot export custom plug-in using Internet Explorer.
- Security vulnerability: Any user can delete Plug-in Studio created Property Book Pages. (336168)
- Only one value on a multi-valued attribute with path syntax is displayed on Edit Attribute page.
- When you export a plug-in, the manifest.mf file doesn't include Min-imanager-version, because of which when you import it back again fails.
- Plug-in Studio's Task for Create: When creating users from these custom-created tasks, it is not making a uniqueID matching the CN. (346647)
- Cannot truly assign Property Book Pages to the Existing chapter of General. (344410)
- ASCII Values field cannot be edited in the Octet String editor.
- Excessive DS Operations while modifying objects. (308623)
- Simple Selection is broken in the Configure > Views > iManager Views task screen. (336365)
- Creation of a Volume object should have a Physical Volume name entry that is populated with all possible values.
- Configure > Views > iManager Views task is broken. (343239)
- On the Modify Object page of Directory Administration, the user's password cannot be set.
- Option to use a proxy server to download plug-ins. (96942)
- iManager-Group object could define a Collection Owner.
- iManager 2.7 Octet String Editor does not work.
- If the user changes passwords in such a way that they don't meet Universal Password Policy, proper messages are not displayed.
- System Error occurs when the user tries to edit a stream attribute containing xml data.
- Cannot add replica if the server exists as S/R replica in a ring.
- The Object View, Tree, and Browse tabs return unsorted results.
- Specific files that the user wants to browse for, are not listed under View Objects-Browse view.
- The user cannot delete attributes from Auxiliary Classes by using iManager. Customer ldap scripts must be used to delete them.
This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:7010166
- Creation Date:15-FEB-12
- Modified Date:12-MAY-13
Did this document solve your problem? Provide Feedback