Access Manager Appliance 4.3 Service Pack 1 Hotfix 1 (4.3.1.1) supersedes Access Manager Appliance 4.3 Service Pack 1 (4.3.1).
For the list of software fixes and enhancements in the previous release, see Access Manager Appliance 4.3.1 Release Notes.
The general support for Access Manager 4.3 ends on 31st May 2018. For more information, see the Product Support Lifecycle page.
This release includes the security fix for an issue with Identity Server and a SAML 2.0 service provider application when virtual attributes are used in an assertion (CVE-2017-5190).
For more information on this issue refer TID 7018792.
To ensure that you have the Access Manager 4.3.1 files before upgrading to Access Manager 4.3.1.1, verify the existing Access Manager version by clicking Troubleshooting > Version.
IMPORTANT:In a cluster setup, ensure that you install the hotfix on each node of the Access Manager setup.
This hotfix helps in upgrading to the latest Access Manager with ease.
If you have multiple components installed on the same system, the hotfix installation process will take care of updating all the binaries of these components. For example, if you have both Identity Server and Administration Console installed on a system, installing the hotfix takes care of updating the binaries of Identity Server and Administration Console.
IMPORTANT:Ensure that you are currently on Access Manager 4.3.1 before upgrading to Access Manager 4.3.1.1.
To download Access Manager Appliance 4.3.1.1, perform the following steps:
Go to NetIQ Downloads Page.
Under Patches, click Search Patches.
Specify AM_4311.zip in the search box and download the file.
Save the hotfix file to the server running Access Manager. If you have multiple servers in your set up, ensure that you copy this zip file to all the servers.
NOTE:This hotfix is not required for Analytics Server.
Perform the following steps to install hotfix on Linux:
NOTE:This installation is not applicable for Analytics Server.
Extract the hotfix file by using the unzip AM_4311.zip command.
After extraction, the following files and folders are created in the AM_4311 folder:
Table 1 Files and folders created in the AM_4311 folder after extracting the hotfix installer ZIP file
|
File/Folder Name |
Description |
|---|---|
|
rpm |
Contains rpm files for the patch to run on a Linux server. |
|
Patchtool |
Contains logging properties file and files necessary for the patch to run on a Windows server. |
|
installPtool.sh |
Script to install the patch and the patch tool on a Linux server. |
|
installPatch.sh |
Script to install the patch tool and the updated binaries on a Linux server. |
|
installPtool.cmd |
Script to install the patch on a Windows server. |
Log in as the root user.
Go to the location where you have extracted the patch files.
Run the sh installPatch.sh command.
This command installs the hotfix and the bundled binaries.
HINT:To manage the Access Manager hotfix file, refer Managing Hotfix.
If the hotfix is already installed, the installer exits with a message.
Perform the following steps to install hotfix on Windows:
Extract the files from AM_4311.zip.
Run command prompt as an administrator.
Run the installPtool.cmd command.
This installs the hotfix binaries on the Windows system.
HINT:To manage the Access Manager hotfix file, refer Managing Hotfix.
After the patch is installed, go to the following folder:
For Linux: /opt/novell/nam/patching/bin.
For Windows: C:\Program Files\Novell\patching\bin
Use the following options to manage the Access Manager hotfix (patch) file:
|
Option |
Description |
Command on Windows server |
|---|---|---|
|
-qa |
Lists all installed hotfixes. |
patch.cmd -qa |
|
-q |
Lists details of an installed patch. |
patch.cmd –q Example: patch.cmd –q AM_4311-57 |
|
-i |
Installs a patch. During installation of a patch, all running services are stopped temporarily. After a patch is installed, all services are restarted and details of the operation are written to log files. |
patch.cmd –i <location and patch name> Example: patch.cmd –i C:/Patches/AM_4311/AM_4311-57.patch |
|
-e |
Removes an installed patch. The patch maintains content relationship among patches. So, if you have installed patch 1 and patch 2, patch 1 cannot be removed without removing patch 2. This is because patch 2 contains details of patch 1 as well.During the patch process, all the running services are stopped temporarily. |
patch.cmd –e <patch name> Example: patch.cmd –e AM_4311-57 |
|
-qpl |
Lists details of a patch that is not installed. If you want to view the changes that are included in the patch file without installing it on your server, use this option |
patch.cmd –qpl <location and patch name> Example: patch.cmd –qpl C:/Patches/AM_4311/ AM_4311-57.patch |
|
-v |
Verifies integrity of a patch. |
patch.cmd –v <location and patch name> Example: patch.cmd –v C:/Patches/AM_4311/ AM_4311-57.patch |
|
-t |
Verifies if services can be restored by the installer. Use this option to stop/start all services after the installation of patch. |
patch.cmd –t <location and patch name> Example: patch.cmd –t C:/Patches/AM_4311/ AM_4311-57.patch |
After upgrading to Access Manager 4.3.1.1, verify that the version number of the component is indicated as 4.3.1.1-57. To verify the version number, perform the following steps:
In Administration Console Dashboard, click Troubleshooting > Version.
Verify that the Version field displays 4.3.1.1-57.
Our goal is to provide documentation that meets your needs. If you have suggestions for improvements, please email Documentation-Feedback@netiq.com. We value your input and look forward to hearing from you.
For detailed contact information, see the Support Contact Information website.
For general corporate and product information, see the NetIQ Corporate website.
For interactive conversations with your peers and NetIQ experts, become an active member of our community. The NetIQ online community provides product information, useful links to helpful resources, blogs, and social media channels.
For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions, U.S. Government rights, patent policy, and FIPS compliance, see https://www.netiq.com/company/legal/.
Copyright © 2017 NetIQ Corporation, a Micro Focus company. All Rights Reserved.