Novell is now a part of Micro Focus

My Favorites

Close

Please to see your favorites.

Reflection for Secure IT Windows Server 7.1 Service Pack 2 (SP2) Release Notes

This document (7022020) is provided subject to the disclaimer at the end of this document.

Environment

Reflection for Secure IT Windows Server version 7.1

Situation

Reflection for Secure IT Windows Server 7.1 Service Pack 2 (SP2) is available for maintained customers (released October 2009). This technical note provides information about how to obtain your service pack and a list of features and fixes included in SP2, as well as those originally included in SP1 (released July 2009).

Resolution

Before you apply the service pack, note the following:

  • This document references a Reflection service pack. Service packs are available to licensed Attachmate customers with current maintenance plans for these products. For information about logins and accessing the Download Library, see Technical Note 0200.
  • Reflection for Secure IT Windows Server version 7.1 SP2 is a full product installation and does not require 7.1 to be installed.
  • For a list of features originally included in Reflection for Secure IT Windows Server 7.1, see Technical Note 2415.
  • For information about the Reflection PKI Services Manager 1.1 release, see Technical Note 2486.
  • Reflection for Secure IT version 8.0 is available beginning in November 2012. For a list of new features in 8.0, see Technical Note 2642.

This note is organized into the following sections:

Obtaining Service Packs or Updates

Maintained customers are eligible to download the latest product releases, service packs, and updates from the Attachmate Download Library web site: https://download.attachmate.com/Upgrades/. For more information about logging into and using the Download Library, see Technical Note 0200.

Installing the Service Pack

Reflection for Secure IT Windows Server version 7.1 SP2 is a full product installation and does not require 7.1 to be installed.

If you are upgrading an existing copy of Reflection for Secure IT version 7.1 or 7.1 SP1, note the following:

  • If the server is running when you apply the upgrade, the installer stops the service and any existing client connections will be disconnected.
  • We recommend that you back up your server configuration file before upgrading. This may be useful if you want to revert to an earlier version at some point in the future.
  • After applying the service pack, you need to restart Windows to complete the installation.

New Features and Fixes in Reflection for Secure IT 7.1 SP2

The following new features and resolved issues are included in Reflection for Secure IT Windows Server version 7.1 Service Pack 2.

New Features in 7.1 SP2

  • The debug log file now contains the server’s time zone setting and timestamp at the beginning of the file.
  • Failed authentication attempts are written to the Windows Event Viewer's application log once maximum password attempts or maximum keyboard-interactive attempts have been reached.

Additional Features in 7.1 SP2

  • The client cipher list is logged to the server debug log.
  • Provide support for the user@host syntax in the User Access Control.

Resolved Issues in 7.1 SP2

  • This service packs addresses vulnerabilities described in Microsoft Security Bulletin MS09-035 and Microsoft Security Advisory 973882: Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution.
  • Windows IDs were always sent in uppercase causing public key authentication to fail. This issue has been resolved.
  • Transferring an identical file to the server from a UNIX client now updates the file timestamp.
  • Password authentication now works when using an interactive user who is a member in a three level deep nested group.
  • File transfers now work if the virtual sftp directory contains dashes.
  • File transfers now work if the file is located in a directory ending with the Japanese character “hyo”.
  • Secure Shell connections now allow Japanese characters to be entered.

Supported Platforms in 7.1 SP2

For information about platform support in Reflection for Secure IT, see Technical Note 1944.

New Features and Fixes in Reflection for Secure IT 7.1 SP1

The following new features and resolved issues are included in the Reflection for Secure IT Windows Server version 7.1 Service Pack 1.

New Features in 7.1 SP1

  • Configure Reflection for Secure IT to run in a Microsoft cluster environment.

The Microsoft cluster service helps ensure that client users have continuous access to your server, even if one computer within the cluster becomes unavailable. For configuration information, refer to the User Guide available at http://support.attachmate.com/manuals/rsit_win_server.html.

Note: Active client sessions are disconnected when a failover occurs. Clients need to initiate a new session.

  • Apply custom SFTP directory settings to scp transfers from OpenSSH hosts.

From the Permissions pane, enable the new setting, "Use SFTP accessible directory settings for SCP1."

  • Prevent non-interactive users from being able to connect to the server.

Non-interactive users are those who do not have the right to "Allow log on locally" (or "Log on locally") as configured in the local computer Security Policy. From the Permissions pane, clear the new setting, "Allow non-interactive users to log on."

Resolved Issues in 7.1 SP1

  • Public key authentication correctly supports double nesting of Active Directory global groups.

Note: Modifications to group membership made using Active Directory may take up to 20 minutes or more to be apparent to Reflection for Secure IT, depending on your Active Directory configuration.

  • Server console starts up correctly when running non-English versions of Windows.
  • When creating a group sub-configuration, you can now clear the “Allow SCP1” setting and save the change.

Supported Platforms in 7.1 SP1

For information about platform support in Reflection for Secure IT, see Technical Note 1944.

Reflection PKI Services Manager 1.0 SP1

Attachmate Reflection PKI Services Manager 1.0 provides X.509 certificate validation services for Reflection for Secure IT 7.1. The PKI Services Manager service pack is available as a separate, optional download.

Note: For information about the Reflection PKI Services Manager 1.1 release, see Technical Note 2486

Installing the Reflection PKI Services Manager Service Pack

Reflection PKI Services Manager version 1.0 SP1 is a full product installation and does not require 1.0 to be installed.

Note the following:

  • If the service is running when you apply the upgrade, the installer stops the service.
  • The service does not start automatically after the installation is complete. To start, either restart Windows, or run the following command from a DOS command window:
winpki start
  • If you are upgrading an existing copy of PKI Services Manager, the upgrade does not change the existing contents of your PKI Services Manager configuration directory (typically C:\Documents and Settings\All Users\Application Data\Attachmate\ReflectionPKI\config or C:\ProgramData\Attachmate\ReflectionPKI\config).

Resolved Issue in PKI Services Manager 1.0 SP1

  • Unrecognized OIDs no longer cause an ASN error.

Additional Information

Legacy KB ID

This document was originally published as Attachmate Technical Note 2446.

Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7022020
  • Creation Date:16-JUL-09
  • Modified Date:02-MAR-18
    • NovellReflection for Secure IT Server for Windows

Did this document solve your problem? Provide Feedback