NetIQ Privileged User Manager 2.4 SP1 Hotfix 1 resolves specific previous issues. This document outlines why you should install this hotfix.
Many of these improvements were made in direct response to suggestions from our customers. We thank you for your time and valuable inputs. We hope you continue to help us ensure our products meet all your needs. You can post feedback in the Privileged User Manager Community Support Forum, our community Web site that also includes product notifications, blogs, and product user groups.
To download this product, see the NetIQ Downloads Web site. For more information about the new features, enhancements, and software fixes in the previous release, see the Privileged User Manager Documentation Web site.
The following sections outline the issues resolved in this release:
Issue: The OpenSSL version 1.0.1h is vulnerable to the Poodle vulnerability. (Bug 905691)
Fix: This hotfix updates the OpenSSL version from 1.0.1h to 1.0.1j to address the vulnerability. For information about the list of fixes for OpenSSL 1.0.1, see OpenSSL 1.0.1 Branch Release Notes.
Issue: When a user runs an RDP Relay session for an extended period, the session becomes unresponsive. Due to this, the session does not generate the report data and the unifid.log file includes an access violation message. (Bug 786206)
Fix: With this hotfix, the session runs seamlessly and hence, generates the report data.
Issue: When a user attempts to establish an SSH relay session, the session displays a prompt to enter the PUM credentials. After entering the PUM credentials, the session displays a prompt to enter the passphrase of the private key. (Bug 906251)
Fix: This hotfix updates the passphrase for the privileged account. To ensure the prompt for passphrase does not display, after creating a privileged account, modify the credentials by using the Modify Credentials option.
For information about hardware and software requirements, see Installation Requirements
in the NetIQ Privileged User Manager 2.4.1 Installation Guide.
Privileged User Manager supports two ways to install the hotfix. You can use any of the following ways:
You can configure your system to use the NetIQ Customer Center (NCC) and use the Package Manager to distribute the hotfix. See Section 3.1, Using the Package Manager with NCC
You can download the hotfix from the download site, install it on a local system, then use the Package Manager to distribute the hotfix. See Section 3.2, Using the Package Manager with a Local Server
Configure the Package Manager by using Novell Update Server:
Log in to the Framework Manager console.
Click Package Manager > Settings.
From the drop-down menu, select Novell Update Server.
Configure the following fields:
User name: Specify the user name that allows you to log in to the NetIQ Customer Center.
Password: Specify the password that is associated with this account.
To view the update server information, select
.Select the
checkbox, the following URL is configured:https://nu.novell.com:443/PUM/packages
Click Finish.
(Conditional) Configure the Package Manager by using Local Package Manager:
Select
.Fill in the following fields:
Host name: Specify the DNS name of the host.
Port: Specify the communication port. The default is 29120.
The Local Package Manager is a Framework host that has been configured to store the packages.
(Conditional) If you do not have the Framework patch loaded in your Package Manager:
Click
on the home page of the console, then click .Configure the
to display the packages you need.Platform: Select your platforms. Make sure you select
, which displays the console packages that run on all platforms.Types: Select at least
, and .Components: Select all of them:
, , and .Select all the packages that are listed. Make sure you select the
.Click
, then click when the packages have been successfully downloaded.To ensure that all packages are up-to-date, click
.Select any packages that are listed.
Click
, then click when the packages have been successfully downloaded.Load the updates:
In the Package Manager page, click Check for Updates.
If updates are listed, select the packages, then click Next.
After the hotfix are loaded, click Finish.
To push the hotfix to your host machines, continue with Section 3.3, Installing the Hotfix on Host Machines.
Download the hotfix manually:
On the NetIQ Downloads site, select the Basic Search tab.
On the right pane, select Search Patches.
On the Patch Finder page, select Privileged User Manager from the list of products.
Click Search > Privileged User manager 2.4.1 and select to download Privileged User Manager 2.4.1 HF1.
Extract and publish packages into the Framework:
Copy the netiq-npum-packages-2.4.1-1.tar.gz file to any of the Privileged User Manager machines.
Extract netiq-npum-packages-2.4.1-1.tar.gz into a temporary location, such as a /tmp/framework/ directory.
tar -xvf netiq-npum-packages-2.4.1-1.tar.gz
Use the following command to publish the packages to the Package Manager.
Replace <admin> with the name of your admin user.
For Linux and UNIX platforms:
/opt/netiq/npum/sbin/unifi -u <admin> distrib publish -d /tmp/framework
NOTE:If you are using PUM 2.3.3 or earlier version, run the following command:
/opt/novell/npum/sbin/unifi -u <admin> distrib publish -d /tmp/framework
For Windows platforms:
c:\Program Files\netiq\npum\bin\unifi -u <admin> distrib publish -d c:\tmp\framework
NOTE:If you are using PUM 2.3.3 or earlier version, run the following command:
c:\Program Files\novell\npum\bin\unifi -u <admin> distrib publish -d c:\tmp\framework
When prompted, enter the name and password for the administrator.
To push the hotfix to your host machines, continue with Section 3.3, Installing the Hotfix on Host Machines.
During the process of installing the packages through the Framework, you can create a backup of the existing packages that are being replaced. To create the backup, you need to leave the Create backup option enabled when installing the hotfix. Then if you want to remove the update, you can use the Rollback Packages option.
You can select to install the hotfix on all hosts or on selected hosts.
Log in to the Framework Manager console.
To install the hotfix on all hosts (if you want to install the hotfix on only selected hosts, skip to Step 3):
On the Home page, click Hosts.
Select the root domain.
In the left frame, select Update Domain Packages.
Select the desired hosts.
Use Shift+click or Ctrl+click to select multiple hosts.
Click Next.
Click Finish.
To install the hotfix on selected hosts:
Click Hosts > Update Packages on the home page of the console.
Select the desired Hosts.
Use Shift+click or Ctrl+click to select multiple hosts.
Click Next.
Click Finish.
THIS DOCUMENT AND THE SOFTWARE DESCRIBED IN THIS DOCUMENT ARE FURNISHED UNDER AND ARE SUBJECT TO THE TERMS OF A LICENSE AGREEMENT OR A NON-DISCLOSURE AGREEMENT. EXCEPT AS EXPRESSLY SET FORTH IN SUCH LICENSE AGREEMENT OR NON-DISCLOSURE AGREEMENT, NETIQ CORPORATION PROVIDES THIS DOCUMENT AND THE SOFTWARE DESCRIBED IN THIS DOCUMENT "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. SOME STATES DO NOT ALLOW DISCLAIMERS OF EXPRESS OR IMPLIED WARRANTIES IN CERTAIN TRANSACTIONS; THEREFORE, THIS STATEMENT MAY NOT APPLY TO YOU.
For purposes of clarity, any module, adapter or other similar material (“Module”) is licensed under the terms and conditions of the End User License Agreement for the applicable version of the NetIQ product or software to which it relates or interoperates with, and by accessing, copying or using a Module you agree to be bound by such terms. If you do not agree to the terms of the End User License Agreement you are not authorized to use, access or copy a Module and you must destroy all copies of the Module and contact NetIQ for further instructions.
This document and the software described in this document may not be lent, sold, or given away without the prior written permission of NetIQ Corporation, except as otherwise permitted by law. Except as expressly set forth in such license agreement or non-disclosure agreement, no part of this document or the software described in this document may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, or otherwise, without the prior written consent of NetIQ Corporation. Some companies, names, and data in this document are used for illustration purposes and may not represent real companies, individuals, or data.
This document could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein. These changes may be incorporated in new editions of this document. NetIQ Corporation may make improvements in or changes to the software described in this document at any time.
U.S. Government Restricted Rights: If the software and documentation are being acquired by or on behalf of the U.S. Government or by a U.S. Government prime contractor or subcontractor (at any tier), in accordance with 48 C.F.R. 227.7202-4 (for Department of Defense (DOD) acquisitions) and 48 C.F.R. 2.101 and 12.212 (for non-DOD acquisitions), the government's rights in the software and documentation, including its rights to use, modify, reproduce, release, perform, display or disclose the software or documentation, will be subject in all respects to the commercial license rights and restrictions provided in the license agreement.
© 2014 NetIQ Corporation. All Rights Reserved.
For information about NetIQ trademarks, see http://www.netiq.com/company/legal/.