Novell is now a part of Micro Focus

My Favorites

Close

Please to see your favorites.

History of Issues Resolved for iManager 3.x

This document (7016795) is provided subject to the disclaimer at the end of this document.

Environment

NetIQ iManager 3.x
NetIQ eDirectory 9.x

Situation

This TID documents all patches and fixes for iManager 3.x.
 
For the iManager 3.x Readme Addendum please refer to the following:
https:////www.novell.com/support/kb/doc.php?id=7017260

A list of eDirectory patches and issues resolved for eDirectory 9.0 can be found here:
https:////www.novell.com/support/kb/doc.php?id=7016794

Additional Information

____________________________________________________________________________________________________________________
Issues resolved in iManager 3.1
March 2018
Tomcat 8.5.27
JRE 1.8.0_162

FRAMEWORK
- Potential XSS vulnerability closed  (Bug 1063334)  (CVE-2018-1347)
- 625 error when browsing a NSS directory on a cluster volume in iManager  (Bug 1010818)

PLUGINS
- Secure transfer for plugin downloads  (Bug 149319/1056490/1056487)
- Error -601 when setting the simple password for a user object having il8n characters in its name  (Bug 1039287)
- Partition mgt: unable to add R/W replica when using a different locale  (Bug 1003550)

OTHER
- Upgrades: NAudit and XDAS configuration file is getting reset  (Bug 1010379)
- HSTS filter has been added in iManager web.xml file to enable Strict-Transport-Security  (Bug 1045513) (CVE-2018-1344)
- Localization Fixes (930696/957746/930662/956947/960824/957256/957747/960797/960821/960822/960822/960823/960825/1079576)

____________________________________________________________________________________________________________________
Issues resolved in iManager 3.0.4
September 2017
Tomcat 8.0.45
JVM 1.8.0_144
NICI 3.0.3

FRAMEWORK
- Enhancement: RHEL 7.4 platform added  (Bug 1058665)
- Enhancement: Windows 2016 support added  (Bug 1025843)
- Timezone attribute is not interpreted correctly  (Bug 1028890)
- Warning message overlapping with the driver name in the Driver Cache Inspector page  (Bug 880032)
- "Cannot add empty strings" message when canceling changes  (Bug 1034833)
- "Illegal character range near index 110" seen in driver's status log  (Bug 1038076)
- After selecting more than 100-300 objects no task is presented when clicking the button  (Bug 1049152)
- Pop is thrown 'value entered must be between 1 and 365' after selecting another tab modifying user  (Bug 1050586)
- Server redirection not working correctly when downloading plugins  (Bug 1050868)
- Cannot uninstall plugins if both iManager Workstation 3.x and 2.77.x are installed on the same workstation  (Bug 1053408)
- Object selector not honoring results per page setting  (Bug 1042139)
- XSS attack hole closed  (Bug 1052480) (CVE-2017-9276: internally found)

OTHER
- Audit: iManager is failing to Connect to Sentinel when Audit Connector is in STRICT mode  (Bug 1022794)
- Upgrades left behind old iManager and plugin-base npms  (Bug 870414)
- Some plugins could not be uninstalled  (Bug 1037836)
- Tomcat updated  (Bug 1048460)
- Java update  (Bug 1049613)
- NICI updated  (Bug 1052693)

____________________________________________________________________________________________________________________
Issues resolved in iManager 3.0.3.2 (303 Patch 2)
July 2017
Tomcat 8.0.44
JVM 1.8.0_131

FRAMEWORK
- Reflected XSS vulnerabilities  (Bug 1038679) (CVE-2017-7425)
- Views: unable to add an IP address restriction to a user object  (Bug 1030616)

TOMCAT
- Update Tomcat to 8.0.44  (Bug 1046831)  (CVE-2017-5664,CVE-2017-5648,CVE-2017-5647,CVE-2016-8735,CVE-2016-6816)

JVM
- Updated to 1.8.0_131  (Bug 1045911)

____________________________________________________________________________________________________________________
Issues resolved in iManager 3.0.3.1 (303 Patch 1)
May 2017

- Potential webshell upload vulnerability  (Bug 1027619) (CVE-2017-7432)
- Framework: persistent XSS vulnerability  (Bug 1030691) (CVE-2017-7430)
- Object Mgt: vulnerable to persistent XSRF  (Bug 1030692) (CVE-2017-7431)
- Tomcat: issue identified in the renegotiation of connection parameters  (Bug 1029431) (CVE-2017-7428)

_____________________________________________________________________________________________________________________
Issues resolved in iManager 3.0.3
April 2017
NICI: 3.0.2
Tomcat: 8.0.37-1
Java: 1.8.0_112-1

FRAMEWORK
- iManager server cannot connect to Sentinel using the embedded private key.  (Bug 1021637)  (CVE-2017-5189)
- View objects, search, object, click on object and the Modify Object operation is not seen.. (Bug 1026609)
- Red Hat 7.3 now supported.  (Bug 1027056)

Tomcat
- Time delay different between an invalid user and password.  (Bug 1017876)
- iManager install log now masks jre default keystore password.  (Bug 1023991)
- Nessscan reports in SSL 64-bit Block Size Cipher Suites Supported (SWEET32) in iManager 3.0.2.  (Bug 1010732)

OTHER
- iManager updates overwritting the config.xml file.  (Bug 1010839)
- Plugin installation: cannot uninstall the password management plugins.  (Bug 1020092)
- Cannot install IDM 4.6 plugins on an upgraded iManager setup.  (Bug 1022565)
- Configure: upgrade is not preserving configuration leading to Jcache not starting.  (Bug 1024529)

_____________________________________________________________________________________________________________________
Issues resolved in iManager 3.0.2.1
February 2017

OTHER
- JCE unlimited cipher option jar no longer installed by default for ECDSA384 certificates.  (Bug 1023402/1023024)
For more informaton: https://www.netiq.com/documentation/imanager-3/imanager_admin/data/b8qrh89.html#btubnyq

NAUDIT\XDAS
- iManager failing to connect Sentinel 7.4.2 and above version  (Bug 1019789)  (CVE-2017-5186)
- iManager is failing to Connect to Sentinel when Audit Connector is in Strict mode  (Bug 1024955)
Auditing collectors, platform agents, instrumentation, etc. have been modified to use eDirectory certificates in order to connect to Sentinel servers versioned 7.4.2 and above.  The previously used embedded certificate can no longer be used with Java 1.8.  This certificate issue has required the modification of the following components.  The updated files can be found on the respective product's patch page.

1019041/987162  – eDir
1021637/1019789 – iMgr
999186/1019573 – PA
1019543\1011208 – IDM
1021391 – RBPM
1013758 - Naudit connector

_____________________________________________________________________________________________________________________
Issues resolved in iManager 3.0.2
November 2016
Tomcat: 8.0.37
Java: 1.8.0_102
PA: PA 2011.1r4 2.0.2-79

FRAMEWORK
- Added support for SLES12 SP2  (Bug 994329)
- Added support for RH 6.8  (Bug 991880)
- Consume Tomcat: 8.0.37  (Bug 997226/1004423)
- Warning message 'Profile Missing' pseen when launching iManager Windows Workstation  (Bug 939510)
- iManager no longer installs 32-bit NICI packages  (Bug 944512)
- Multiple NICI install issues resolved  (Bug 966589/994068/994037)
- Getting "Error-634" error message when clicking on "Connections" tab under LDAP options  (Bug 966672)
- Consume latest Java: 1.8.0_102  (Bug 995946/1006942)
- iManager displays secondary loopback address on completion  (Bug 999237)
- Applying patch 4 to iManager 277 removes groups from novlwww user  (Bug 1002179)
- Consume latest PA: 2011.1r4 2.0.2-79  (Bug 1005510)
- iManager uninstall does not cleanly uninstall its components  (Bug 984889/986022/1002720)
- Need to mask IDP server backtrace when exceptions occur  (Bug 992108)
- Some functions prone to Reflected Cross-Site Scripting attacks  (Bug 992110)
- Cross-Site-Request-Forgery-Prevention not Working properly under heavy load  (Bug 992111)
- Potential command execution vulnerability resolved  (Bug 946043)

Tomcat
- Consume latest Tomcat: 8.0.37  (Bug 1002722)
-  Tomcat 8.x vulnerable to CVE-2015-5351
-  Nessus scan reports in SSL/TLS Diffie-Hellman Modulus <= 1024 Bits (Logjam) (Bug 963892) (CVE-2015-4000)
-  Process runs from system account  (Bug 992106)

OTHER
- Plugin Installation: .htaccess exists and is not restricted on the NAM admin console server  (Bug 979235)

_____________________________________________________________________________________________________________________
Issues resolved in iManager 3.0.1
June 2016
Tomcat 8.0.22
NICI: 3.0.1
JAVA: 1.8.0_77

FRAMEWORK
- Improvements made to only display available plugins that are compatible.  (Bug 928695/973975)
- Enhancement: IDM support has been added.  (Bug 970007)
- Safeguard iManager framework binaries during plugin uninstall process.  (Bug 977353)
- iManager patch installer is not creating patch install logs.  (Bug 906564)

TOMCAT
- Nessus scan reporting iManager is potentially vulnerable to Clickjacking.  (OTG-CLIENT-009) (Bug 963890)
- iManager not listening after rebooting RHEL 7.2 server.  (Bug 975678)

JAVA
- Updated to 1.8.0_77.  (Bug 973128)

PLUGINS
- Cannot remove dash from phone number.  (Bug 972633)

OTHER
- Installation is now prevented if a version of eDirectory lower than 9.0 is present.  (Bug 976133)
- Admin Guide has been revised.  (Bug 985323)

_____________________________________________________________________________________________________________________
Issues resolved in iManager 3.0 FCS
January 2016
Tomcat 8.0.22
NICI: 3.0
JAVA: 1.8.0_66
OpenLDAP: 2.1.25

FRAMEWORK
- Enhancement: Tomcat 8 support.  (Bug 932438)
- Enhancement: Multi-tree support.  (Bug 921490)
- Enhancement: TLS 1.2 support.  (Bug 922920)
- Enhancement: Suite B support.  (Bug 920352)
- Enhancement: UAP support added.  (Bug 921046)
- Enhancement: iManager now supports EC certificates and enforces cipher options 128 and 192.  (Bug 919946)
- Enhancement: iManager 3.0 now uses NICI 3.0.  (Bug 958575)
- Ebaclientinit utility now bundled with iManager so the uap.p12 certificate can be downloaded.  (Bug 920328/927784)
- Platforms tested: SLES12 SP1, SLES 11 SP4, SLED 12, OpenSUSE 13.2, Redhat 7.1 and 7.2.  (Bug 914251/927929/949916/958468)
- Group plugin throws an error if there are unspecified addresses defined on the LDAP server object.  (Bug 923881)
- Windows based iManager using IE 11 browser is not populating tree view objects.  (Bug 881861)
- Objects not displaying in the right pane in view objects link.  (Bug 902177)
- The platform.xml file is no longer used.  (Bug 926495)
- Plugins updated to allow for nesting enhanced nested groups.  (Bug 962772)
- Plugins that are not compatible with iManager 3.0 should not display as available.  (Bug 928695)

TOMCAT
- Enhancement: standalone iManager now works with 64bit Java 1.8.  (Bug 766367/953133)

INSTALL
- Suite B options added to silent install.  (Bug 920829/932012)

______________________________________________________________________________________________________________________

Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7016795
  • Creation Date:26-AUG-15
  • Modified Date:12-MAR-18
    • NetIQeDirectory
      iManager

Did this document solve your problem? Provide Feedback