R12.51 CR10
========
Salesforce Case Number | Internal Defect ID | Issue Description |
---|
00318299 | DE177275 | XPSSweeper tool terminates abnormally. |
00305791 | DE138534 | The exported metadata incorrectly displays SHA1, when SHA256 is selected in Entity or Partnership. |
00128842 | DE104232 | SmConsole fails to display the correct status of the Policy Server service in Windows. |
21726567-01 | DE71949 | Administrative UI does not display certificates that contain non-ASCII characters. |
00056803 | DE94666 | Policy Server experiences high CPU usage. |
00453641 | DE204132 | Perl CLI fails to fetch authentication scheme for a realm. It occurs when the session is established with Admin privileges of the domain to which the realm belongs to. |
00429715 | DE175174 | Assertion encryption displays an error on the IDP side if the certificates contain non-ASCII characters in IssuerDN. |
00372539 | DE165552 | Policy Server terminates abnormally when Application model is used in conjunction with an OnAuthAttempt rule. |
00083756 | DE103841 | Policy Server terminates abnormally when a connection to the LDAP server is lost. |
00124386 | DE74014 | Policy Server for Windows builds incorrect search filters for SharePoint Agent requests. |
R12.51 CR08
========
Product: SiteMinder 12.51 CR08 Policy Server
March 2,2016 Policy Server 12.51 CR08 contains fixes for the following tracking numbers:
Tracking # Problem description
---------- -------------------
DE67107 Policy Server crashes on the IM tunnel agent call.
DE68852 Policy Server partially reloads the cache when an Agent connects to the Policy Server with an incorrect shared secret.
DE73006/DE103002 Policy Server allows the log in of a locked out user when the Enhanced AD integration is enabled.
DE74053 The SM access log file fails to display fields in the first line.
DE75247 APS ignores the data specified in the curly braces {} for the Lockout Mail.
DE87088 Administrative UI does not display certificates with non ASCII characters.
DE91647 Duplicate ICU shared library files are present in the ICU third-party folder.
DE95386 Policy Server fails to retrieve the value for special Attributes such as DominoAccessGroups.
DE103154 Policy Server crashes during LDAP failover.
DE106181 Policy Server terminates abruptly when policy store connection is lost.
DE108024 Backreference regular expression fails with SiteMinder password policy.
R12.51 CR07
========
Product: SiteMinder 12.51 CR07 Policy Server
September 30, 2015 Policy Server 12.51 CR07 contains fixes for the following tracking numbers:
Tracking # Problem description
---------- -------------------
161180 The SMUSRMSG cookie allows phishing for valid usernames with Novell eDirectory as a user store.
140418 Policy Server is overloaded and requires a restart
159571 Modification of few user attributes using the DMS API results in the modification of all the user attributes.
150914 If a policy is associated with rule and rule groups, retrieval of rules from the rule groups fails.
150154 When the key store is separate and multiple requests come from web agents to Policy Server, some agents fail to get agent keys with the following error message in the smps log:
"Policy store failed operation 'MultipleSearch' for object type 'AgentKey'"
151430 FSS UI session times out as an admin logs in.
163053 CAPKI is upgraded to CAPKI 4.3.8 release.
120472 Policy Server terminates abnormally and does not recover when LDAP Directory Server hangs due to network connectivity issues.
153351 The XPS parameter $AgentConnectionMaxLifetime is read continuously even though the dynamic flag is set to false.
147368 Policy Server fails to send an active response value when the authorization API returns empty sing.
164641 Policy Server crashes repeatedly due to an incorrect log message format.
138503 Policy Server terminates abnormally while rebuilding secondary caches.
151478 Policy Server installer displays the following incorrect non-fatal error in the install logs on Linux whenever the libidn library is missing: "There are consecutive spaces found in the installation home directory. Ensure that the installation home directory does not contain consecutive spaces."
54881 The User Directory Attribute mapping fails when the response attribute type is WebAgent-HTTP-Open-Format-Cookie.
161360 Rerunning XPSDDInstall on LDAP stores to restore the Data Dictionary fails with the Duplicate entry detected error when the dictionary object entries are present in the xpsXIDKey table but the objects are missing from the xpsObjects table.
R12.51 CR06
========
Product: SiteMinder 12.51 CR06 Policy Server
May 22, 2015 Policy Server 12.51 CR06 contains fixes for the following tracking numbers:
Tracking # Problem description
---------- -------------------
55861 Policy Server displays Bulk loading of records is not supported by driver error when you import SiteMinder audit data into SQL database.
75049 Policy Server displays CERTREVOKED error in place of CRLEXPIRED for an expired CRL.
138673 Password Dictionary check fails when you reset the password while having the restrictions in password policies.
147270 The publish command for Policy Server displays a file error to the smps log on UNIX platform.
119485 OneView Monitor displays 404 error in logs when the images of OneView Monitor do not exist in the /sitemindermonitor/images/buttons/ location.
144183 Smreghost prompts for password if you do not provide -p option when the command is valid.
137784 Policy Server terminates intermittently because of missing null check.
98943 Policy Server terminates abruptly when the user name of the directory contains special characters especially a percent symbol (%).
148874 Policy Server fails to connect to the CA Directory through TLS protocol.
153379 Data Direct drivers are upgraded to version 7.1.5 across all the platforms.
74880 Policy Server terminates intermittently because of APSMail.DLL while using the Forgotten Password functionality when the XSHADOW feature is enabled in the exchange server.
148876 CAPKI is upgraded to CAPKI 4.3.5 release.
74376 Key store gets updated when Global Tools Setting in Policy Server is modified.
145979 Policy Server closes the connection with SAP ERP Agent with 10 second idle timeout. The idle timeout session has been made configurable.
71914 WS Federation transaction fails at Assertion Generator when policy store is temporarily inaccessible.
127391 Federation transaction displays 500 error if the user name contains an apostrophe in the email.
73123 Reuse Count does not work when you reset the password.
134776 Advanced Password Services displays an incorrect error message when a new password is not accepted.
116644 XPSExport utility terminates abruptly when you export workspace Entries.
R12.51 CR05
========
Product: SiteMinder 12.51 CR05 Policy Server
November 28, 2014 Policy Server 12.51 CR05 contains fixes for the following tracking numbers:
Tracking # Problem description
---------- -------------------
134641/136917 XPSSweeper fails to migrate the service provider for existing and New IDP-SP Partnerships when you run the XPSSweeper.
129007 Policy Management API fails to send the plain password, while retrieving the user directory object.
71902 Forgot password service fails while using the stored procedures.
74616 Policy Store displays an error message (Unable to read object smSessionId) in smps.log, when you use a CA Directory Session as a Session Store.
74549 The smaccess.log and the smps.log files fail to roll over intermittently.
137087 Policy Server terminates abruptly due to memory leak in active expression evaluation.
64603 SAML object attributes are not displayed on the Administrative UI.
62710 The Policy Server LDAP fails, when you invoke the IDP initiation Federation transaction.
72073 Directory Server log fails, when "KeepAgentConnections" returns an error in the Policy Store.
53748 Java DMS API returns incorrect error code during change password API.
70791 ConfigManager.CheckACO.fails, when you use cluster configuration for HCO.
126730 CAPKI is upgraded to CAPKI 4.3.5 release.
72218 SM_catagory for AgentInstance object is missing in category.txt file. This causes error on loading.tmp files into the Oracle database, when you process audit related to these objects.
70530 XPSExport with "-npass" argument option fails and encrypts the passwords in the output file.
136915 SASL bind fails, when you upgrade the Active Directory of R12.51 CR04.
72751 APS fails to handle the execution of ODBS stored procedure.
115814 XPSExport terminates abruptly due to null pointer access.
55820 APSExpire command fails when you change the name in the SmUser column name in the APS table.
54813 The date on the generated report does not match the date on the audit report.
R12.51 CR04
========
Product: SiteMinder 12.51 CR04 Policy Server
July 31, 2014 Policy Server 12.51 CR04 contains fixes for the following tracking numbers:
Tracking # Problem description
---------- -------------------
62061,54414, 54006 Cache update logs an error in the CDS.log file.
53424 The PreserveHeaders and FccForceIsProcted ACO parameters are misspelt in the ApacheDefaultSettings ACO object template.
54949 XPSRegClient terminates abnormally when it failed to fetch the administrator password.
55489 Intermittent authorization failure occurs when SSO is configured between the Policy Server R6 and R 12.51 versions.
54962 XPSSweeper process terminates abnormally due to valid class deletion during the cleanup routine.
55501 The Policy Server enters the Event ID and Category ID column values as 0 in the Audit database under load.
53891 The Policy Server terminates abnormally during shutdown.
54483 The smpolicy-secure.xml file provides more restrictive security settings than the smpolicy.xml file.
55504 The smpoliysrv -publish command displays the connection information as 0.
53673,62080The smjdbcsetup.sh script fails to display the database type in the menu.
55592,55593Administrative UI displays an error when a sub-realm is created under a realm in EPM Applications without saving the realm.
55206 LDAP search calls from the Housekeeping thread takes long time to complete.
53929,62090The EPM Application Role authorization fails when the user directory is configured in the load balancing mode.
55826 The XPSImport utility fails to import with -npass option if the import file contains sensitive data.
55148 The XPSImport utility fails to import due to objects fetched from the LDAP store are not sorted properly.
54076,62052The Policy Server terminates abnormally when Active Expression is used in Response for authorization.
55455 Introduced a switch to configure AgentDiscovery feature through XPSConfig utility.
There are 3 possible values for this configuration (0=Disabled, 1=Auto Discover, 2 is Enabled). The default value for this parameter is 1 ( Auto Discover) in which case we check the policy store for any AgentInstance objects and update this parameter to 0 (Disabled) if no objects are found or to 2 (Enabled) if we find those objects. Since this parameter is global in nature, it is stored in the policy store and is available to all the policy servers in the server farm. When the Agent Discovery feature is disabled atrace messageis logged in the policyserver trace logs.
53767,63118 If AD/ADLDS is used as a user store (in "AD" namespace), authorization fails when Latin ISO characters are used in the user names.
75067 The Policy Server terminates abruptly when the "Registration File" option is not available during Administrative UI log in.
55837,74141 If util.jar, util_sdk.jar jars are present in CLASSPATH, the browser throws an Error 500 when a realm that is protected by SAML2.0 Authentication Scheme is accessed.
72481 The smmigratecds utility throws the NoClassDefFoundError error when -validate or -migrate option is specified.
53860 The Password Error message does not appear when localization parameter is set to NO in ACO.
54999 The smmigratecds utility displays incorrect messages when the -validate and -migrate options are used for expired certificates.
64837 The Policy Server terminates abruptly when editing/viewing the Active Directory based user directory.
55788 The smaccess log file fails to display fields in the first line of the file the file rotates.
55803 The Policy Server terminates abruptly at cache lookup.
55845 Active Directory locks user accounts though the correct credentials are entered.
62740,98322 The Policy Server fails to fetch more than 128 records from the LDAP based policy store.
64797 The XPSExport utility displays an incorrect description for the -m parameter.
70613,70774 The Policy Server terminates abnormally when MS SQL is configured as policy store and LDAP is configured as a key store.
64812 The XPSExport utility throws an encrypted password when the -npass switch is specified during migration.
54831,62053 The XPSExport utility with -xs switch terminates abruptly when the store contains node that does not have any Administrator associated with it.
55290 The smreghost utility with -o switch fails if HostName contains upper case alphabets.
70606 The smfedexport utility fails to export metadata if pubkey or sign option is usedd.
55333 The Change Information option in the Policy Server installer fails to function.
52506,62073 The initialization of SmdsLdapConnMgr is displayed as an error instead of a warning in the policy server's smps.log.
62085 The XpsSweeper utility throws errors when it is run after a federation partnership is deactivated.
54458,55385 The password policy fails to get triggered when a custom authentication scheme is used.
63116 The Policy Server sends RC2 encrypted password for a bind when adding a user directory to federation partnership.
54688,54360 The Policy Server logs the "Unable to obtain OS random data" error in the log file when a guest user on windows tries to run the XPS tools.
54556,62055 The Policy Server updates the Audit logging in an interval of 3 seconds rather than the configured time.
55394 KeepAgentConnections parameter does not contain parameters to support sending soft or hard close when AgentConnectionMaxLifetime time out is reached.
74204 CAPKI need to be upgraded to 4.3.4 for addressing recent openssl vulnerabilities.
54580, 62071 The Metadata import fails for the Service Provide entry from a Muti-Entity XML metada file.
54580,55061 The smfedexport utility fails to export metadata if pubkey or sign options is used
55718 The resource bundle error is displayed when smfedimport.sh is run.
55687, 62084 WS-Fed throws a SAML Assertion failure due to an incorrect sequence of the XML elements.
54901, 62066 Insufficient tracing in XPS layer while creating an external administrator object.
54473, 62072 APS displays incorrect information on password change.
R12.51 CR03
========
Product: SiteMinder 12.51 CR03 Policy Server
March 27, 2014 Policy Server 12.51 CR03 contains fixes for the
following tracking numbers:
Tracking # Problem description
---------- -------------------
172138 The smreg and XPSSecurity utilities are missing in the Policy Server installer.
164620,178151 The signature validation of SAML assertion takes a longer processing time under heavy server load.
169294,178156 The SAML assertion parse fails due to incorrect jars in the classpath.
170020,178159 Policy Server fails to roll over logs.
170507,178162,178658,173913 When a user directory is used in multiple partnerships, Policy Server authenticates only the first user.
171321,178539 Policy Server terminates abruptly during LDAP search under heavy request load.
176491,178649 During the Policy Server process shutdown, Policy Server terminates abruptly due to improper unloading of libraries.
175936,178651 Policy Server gives error due to unsigned jars.
175936,178651 During the IDP information search, Policy Server throws an error due to unsigned jars.
174693,178653 smkeytool fails to import the separate certificate and key files.
174236,178656 Upgrading from r6 to 12.51 results in the smpolicysrv process using 100 percentage of CPU usage.
171252,178667 Policy Server throws an error when retrieving the Web Services variable.
171489,179201 smaccess.log does not log the Administrative UI changes even when Enhance Enable Tracing and LogObj are enabled.
166520 In an edit mode, the Session Timeouts option is cleared for all components of an application.
174951,178652 WS-FED Assertion Generation GetUserProp() function was causing a Policy Server failure.
173800,181152 Policy Server terminated abruptly when a UDP packet is sent on port 44444 with a single byte containing 0x08 or 0x88.
177760,181467 Upgrade of Java Update 45 blocks the FSS UI applet jar.
175068 Policy Server terminates abruptly while authenticating a legacy administrator when the Administrative UI is protected by a custom java authentication scheme.
179879,182416 When we edit a domain, a policy loses its users that we configured from the authorization directory mapping.
181643,182418 xpssweeper throws errors related to user policy and federation users after configuring a federation partnership.
183017,183445 Policy Server terminates abruptly when the primary policy store in the failover configuration stops.
178158,169970 Policy Server terminates abruptly if the audit database stops.
178593,172971 Policy Server fails to trace the search failure during LDAP user directory failover.
178661,172871 Using a custom authentication scheme results in a memory leak in Policy Server.
179824,170745 Policy Server intermittently terminates due to double free call.
180969,178905 XPSImport with the -validate option fails to validate against CA_SiteMinder_WAM-XPS2.xsd.
176719,178646 APS throws an invalid weight error during a password change if the password is listed as a restricted word in the dictionary.
R12.51 CR02
========
Product: SiteMinder 12.51 CR02 Policy Server
February 25, 2014 Policy Server 12.51 CR02 contains fixes for the following tracking numbers:
Tracking # Problem description
---------- --------------------------------
174236, 182271 Upgrading from r6 to 12.51 results in the smpolicysrv process using 100 percentage of CPU usage.
172992, 182272 The Policy Server was randomly failing in a customer environment during key store fail-over. The core dump analysis verified that the failure was due to inappropriate data casting while printing the error logs.
181423, 182270 If the encryption key in the EncryptionKey.txt file contains null characters, the file from r6.0, r12.0 SP3, and r12.5 is incompatible with r12.51 CR01.
177001, 182980 During the data export, smkeyexport and the -k and -c options of smobjexport do not decrypt the keys.
R12.51 CR01
========
Product: SiteMinder 12.51 CR01 Policy Server
July 3, 2013 Policy Server 12.51 CR01 contains fixes for the following tracking numbers:
Tracking # Problem description
---------- -------------------
141018 The Policy Server now keeps all sensitive data encrypted in memory
158227 An issue when the Policy Server can take up to three minutes to shutdown has been resolved
158911 The DMS API now correctly returns group membership when an unlimited page size is used with CA Directory
62974 Any OnAuthAttempt events are now triggered in EPM model
165833 The XPSExplorer no longer displays passwords in clear text when passwords are being typed
166560 The Default and non-default tags are now correctly logged in syslog
167068 The Policy Server can now be configured to store values of UserDN and user name attributes in sm_objname and sm_objid columns of the audit database respectively
167675 A typographical error in the header of the smaccess.log file has been corrected
168047 The OneView monitor now appears correctly in non-English environments
168170 The Policy Server no longer crashes when creating Attribute Mapping when "Expression" is selected but its definition is empty
168718 The Policy Server no longer leaks memory while performing text-based audit-logging under heavy load conditions
169037 The Policy Server now logs a list of loaded event providers in smps log file
169347 The authentication calls in authorization APIs no longer fail with the custom active expressions
169412 The Certificate authentication scheme now correctly decodes multivalue RDN in certificate DN
169458 The startup times of the XPS tools with LDAP policy stores have been improved
169678 The performance of Java Policy Management API has been improved
169708 When using DLP integration, you no longer have to edit axis2c.xml file to be able to create applications from WAM UI
169734, 170190, The performance of the Policy Server has been improved
171012
169765 The audit schema for the DB2 database now supports assertion auditing
169950, 169948, Various language translation issues have been addressed
169980, 170002, in this release
170079, 170087,
170089, 170092,
170093, 170114,
171064
169963, 170166, The smobjimport command no longer fails with illegal XML
170098 characters error while importing SiteMinder r6 smdif files
170095 The Policy Server installer now installs APSAPI libraries and APSAPI.h header file
170116 The Policy Server now correctly generates agent commands when an ACO or HCO object is created or modified through the Policy Management API
170264 The Linux Policy Server no longer crashes on authentication requests when referrals are enabled in an Active Directory user store
170270, 170502 The Policy Server configuration wizard can now properly configure ADLDS or ODSEE 11g as a policy store
170321 The SiteMinder Policy Server configuration wizard now correctly configures One View monitor with ServletExec on Linux
170328 An issue with key trace messages not being reported to the Policy Server trace log has been resolved in this release
170582 The Wily Manager now correctly reports Policy Server status when password policies are not configured or Identity Minder integration is not enabled
171208 The Policy Server will no longer perform frequent updates of the policy store related to the Agent Discovery functionality
171256 The XPSImport no longer fails with an XML parser error when encountering invalid XML characters in the input file