NetIQ Privileged User Manager 2.4 includes new features, improves usability, and resolves several previous issues. Many of these improvements were made in direct response to suggestions from our customers. We thank you for your time and valuable inputs. We hope you continue to help us ensure our products meet all your needs. You can post feedback in the Privileged User Manager Community Support Forum, our community Web site that also includes product notifications, blogs, and product user groups.
You can upgrade to Privileged User Manager 2.4 from Privileged User Manager 2.3 or later, or perform a new installation. Privileged User Manager 2.4 includes all fixes and features addressed in each Privileged User Manager 2.3 Service Pack and hotfix.
To download this product, see the Novell Downloads Web site. For more information about this release and for the latest release notes, see the Privileged User Manager Documentation Web site.
The following sections outline the key features, functions, and resolved issues in this release:
Privileged User Manager 2.4 uses HTML5 on the following pages to provide an enhanced user interface (UI) with improved usability and ease of navigation:
Login Page and Home Page
Framework User Manager
Package Manager
For more information, see the relevant chapters in the NetIQ Privileged User Manager 2.4 Administration Guide.
You can now configure audit zones and regulate the audit data traffic. For more information about audit zones, see Audit Zones
in the NetIQ Privileged User Manager 2.4 Administration Guide.
Privileged User Manager can be integrated with NetIQ Access Manager. For more information, see Integration with NetIQ Access Manager
in the NetIQ Privileged User Manager 2.4 Administration Guide.
Privileged User Manager 2.4 adds support for Windows Server 2012 GUI version.
For more information, see Supported Platforms
in the NetIQ Privileged User Manager 2.4 Installation Guide.
Privileged User Manager 2.4 provides software fixes for the following issues:
Issue: PUM was using OpenSSL version 1.0.1e, which was vulnerable to security threats. For more information, see http://heartbleed.com/.
Fix: PUM now uses OpenSSL version 1.0.1g.
Issue: While registering framework, in the License Registration screen, following error is displayed upon entering the license key:
Missing required argument
Fix: PUM 2.4 resolves this issue.
Issue: Core dumps after PUM is upgraded to 2.3.0-3 on AIX platform.
Fix: PUM 2.4 implements a new version of sqlite which replaces the encryption subsystem. The core dump issue is fixed in the new sqlite version.
Issue: Windows audit video files are not sent to the audit manager. The files are accumulated in the .work directory on the Windows Agent.
Fix: PUM 2.4 optimizes the video processing tasks and sends unprocessed video files to Audit Manager at agent startup.
Issue: When a RDP relay session is going on, if the unifid process stops/restarts, RDP relay session disconnects with the audit manager.
Fix: On Linux platforms, PUM 2.4 continues the RDP relay session connection with audit manager even when the unifid process stops/restarts.
Issue: EAC overwrites the command risk setting, if it is not defined in the EAC policy.
Fix: In PUM 2.4, EAC does not overwrite command risk settings.
Issue: Command line option to rollback packages does not resolve dependencies. You must apply dependencies individually.
Fix: In PUM 2.4, Dependencies are resolved. When you try to rollback a dependent module/framework/patch, you will get an error message, such as the following example message:
Failed to restore package - 'registry' is dependent
Issue: Audit data files do not play properly in the “output” mode. Some screenshots have missing data.
Fix: PUM 2.4 is resolves this issue. Audit data files now play properly, with correct screenshots.
Issue: When installing the Administration Manager (admin) package on a new agent install through the Package Manager, the following cosmetic error is displayed at install time.
In the GUI:
Administration Manger version 2.3.3 (Rev:23981, Bld:65) (can't open /opt/novell/npum/service/local/admin/../.keystore/https_ssl.xml: No such file or directory at (eval 15) line 10.
In the unifid.log file:
Error executing PostInstall: can't open /opt/novell/npum/service/local/admin/../.keystore/https_ssl.xml: No such file or directory at (eval 16) line 10.
Fix: PUM 2.4 resolves the admin package installation issue.
For information about hardware requirements, supported operating systems and browsers, and software requirements, see Installation Requirements
in the NetIQ Privileged User Manager 2.4 Installation Guide.
To install Privileged User Manager 2.4, see the NetIQ Privileged User Manager 2.4 Installation Guide.
To obtain the purchased license, log in to the Novell Customer Center and download the software and the license key. The ISO image contains the following directories and files for Framework Managers, Agents, and the Package Manager:
|
Package |
Description |
|---|---|
|
netiq-npum-agent-2.4-aix-5.1-powerpc.bff.gz |
Agent package for AIX 5.1 |
|
netiq-npum-manager-2.4-aix-5.1-powerpc.bff.gz |
Framework Manager package for AIX 5.1 |
|
Package |
Description |
|---|---|
|
netiq-npum-agent-2.4-hpux-11.00-hppa.depot.gz |
Agent package for HP-UX 11 and 11i HPPA |
|
netiq-npum-agent-2.4-hpux-11.23-ia64.depot.gz |
Agent package for HP-UX 11i v2 and v3 Itanium |
|
netiq-npum-manager-2.4-hpux-11.00-hppa.depot.gz |
Framework Manager package for HP-UX 11 & 11i HPPA |
|
netiq-npum-manager-2.4-hpux-11.23-ia64.depot.gz |
Framework Manager package for HP-UX 11i v2 and v3 Itanium |
|
Package |
Description |
|---|---|
|
netiq-npum-agent-2.4-linux-2.6-x86_64.rpm |
Agent package for Linux on Intel 64-bit machines with a 2.6 kernel |
|
netiq-npum-agent-2.4-linux-2.6-intel.rpm |
Agent package for Linux on Intel 32-bit machines with a 2.6 kernel |
|
netiq-npum-manager-2.4-linux-2.6-x86_64.rpm |
Framework Manager package for Linux on Intel 64-bit machines with a 2.6 kernel |
|
netiq-npum-manager-2.4-linux-2.6-intel.rpm |
Framework Manager package for Linux on Intel 32-bit machines with a 2.6 kernel |
|
Package |
Description |
|---|---|
|
netiq-npum-agent-2.4-solaris-2.8-intel.pkg.gz |
Agent package for Solaris 2.8 Intel |
|
netiq-npum-agent-2.4-solaris-2.8-sparc.pkg.gz |
Agent package for Solaris 2.8 SPARC |
|
netiq-npum-manager-2.4-solaris-2.8-intel.pkg.gz |
Framework Manager package for Solaris 2.8 Intel |
|
netiq-npum-manager-2.4-solaris-2.8-sparc.pkg.gz |
Framework Manager package for Solaris 2.8 SPARC |
|
Package |
Description |
|---|---|
|
netiq-npum-agent-2.4-tru64-5.0-alpha.tar.gz |
Agent package for Tru64 v5.x OSF1 |
|
Package |
Description |
|---|---|
|
netiq_pum_agent_2.4_x86.msi |
Agent package for Windows 32-bit computer |
|
netiq_pum_agent_2.4_x64.msi |
Agent package for Windows 64-bit computer |
|
netiq_pum_manager_2.4_x86.msi |
Framework Manager package for Windows 32-bit computer |
|
netiq_pum_manager_2.4_x64.msi |
Framework Manager package for Windows 64-bit computer |
|
Package |
Description |
|---|---|
|
netiq-npum-packages-2.4.tar.gz |
Zipped file for setting up a local package manager |
You can upgrade to Privileged User Manager 2.4 from Privileged User Manager 2.3 or later. To upgrade to Privileged User Manager 2.4, see Upgrading NetIQ Privileged User Manager
in the NetIQ Privileged User Manager 2.4 Installation Guide.
NetIQ Corporation strives to ensure our products provide quality solutions for your enterprise software needs. The following issues are currently being researched. If you need further assistance with any issue, please contact Technical Support.
For the list of known issues in previous versions of Privileged User Manager, see the Privileged User Manager 2.3 Documentation Web site.
Issue: RDP Relay sessions remain connected even after uninstalling or stopping PUM service.
Fix: Disconnect all the RDP Relay sessions before uninstalling or stopping PUM service.
Issue: When you install PUM on a Windows computer, Start>All Programs>NetIQ Privileged User Manager>Register PUM Agent option is displayed. After you register the PUM Agent, this option continues to display on the Start menu as a recently run application.
Non-admin users can view this and might try to register the PUM Agent again. This might cause a duplicate entry or break the current agent registration.
Issue: You might get insufficient memory error while adding packages in AIX. This happens because the AIX OS restricts the “per process memory” (RAM) to 128MB or 256MB, hence the unifid process fails to expand up to the required space for decompressing the package file.
Fix: Perform the following before adding packages:
Stop the NPUM Service:
stopsrc -s npum
Ensure that the service is stopped:
ps ax | grep unifid
Start the NPUM Service:
(Conditional) If you want to expand to 2GB RAM:
startsrc -s npum -e "LDR_CNTRL=MAXDATA=0x70000000"
(Conditional) If you want to expand to 1GB RAM:
startsrc -s npum -e "LDR_CNTRL=MAXDATA=0x30000000"
Issue: You might get the following error during PUM installation, if the /opt folder is on a different volume than where the /etc folder is, because RPM cannot write to the /etc folder:
error: unpacking of archive failed on file /etc/software/init.d/npum;52a5e1ef: cpio: link failed - Invalid cross-device link
Fix: PUM 2.4 installers are not supported when /var, /etc, and /opt folders are in different volumes. Ensure that these folders on same volume.
Issue: PUM UI displays the following error infrequently:
You are not authorized to perform this operation.
Fix: Perform the operation again or reload the page.
Issue: You might get insufficient memory error while adding packages in Solaris. This happens because Solaris restricts the “per process memory” (RAM) to 128 MB or 256 MB, so the unifid process fails to expand up to the required space for decompressing the package file.
Fix: Run the following command before adding packages:
ulimit -a
Issue: RDP Relay fails on a Windows Server 2012 computer when the RDP version is 8.0 or higher. To know the RDP version, see the mstsc version. If the mstsc version is 6.2.9200, it means that the RDP version is 8.0. By default, in Windows 8 and Windows Server 2012, RDP version is 8.0 or higher. When you perform RDP Relay from a client machine where RDP 8.0 is installed, RDP Relay to Windows Server 2012 does not work.
Fix: You can use Windows 7 or earlier version with mstsc 6.1.7601 or earlier version. If Windows 7 is updated to use latest version of RDP, you can downgrade to lower version by uninstalling update KB2592687. This is an optional update for Windows 7 and Windows Server 2008 R2 to update RDP protocol version.
THIS DOCUMENT AND THE SOFTWARE DESCRIBED IN THIS DOCUMENT ARE FURNISHED UNDER AND ARE SUBJECT TO THE TERMS OF A LICENSE AGREEMENT OR A NON-DISCLOSURE AGREEMENT. EXCEPT AS EXPRESSLY SET FORTH IN SUCH LICENSE AGREEMENT OR NON-DISCLOSURE AGREEMENT, NETIQ CORPORATION PROVIDES THIS DOCUMENT AND THE SOFTWARE DESCRIBED IN THIS DOCUMENT "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. SOME STATES DO NOT ALLOW DISCLAIMERS OF EXPRESS OR IMPLIED WARRANTIES IN CERTAIN TRANSACTIONS; THEREFORE, THIS STATEMENT MAY NOT APPLY TO YOU.
For purposes of clarity, any module, adapter or other similar material (“Module”) is licensed under the terms and conditions of the End User License Agreement for the applicable version of the NetIQ product or software to which it relates or interoperates with, and by accessing, copying or using a Module you agree to be bound by such terms. If you do not agree to the terms of the End User License Agreement you are not authorized to use, access or copy a Module and you must destroy all copies of the Module and contact NetIQ for further instructions.
This document and the software described in this document may not be lent, sold, or given away without the prior written permission of NetIQ Corporation, except as otherwise permitted by law. Except as expressly set forth in such license agreement or non-disclosure agreement, no part of this document or the software described in this document may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, or otherwise, without the prior written consent of NetIQ Corporation. Some companies, names, and data in this document are used for illustration purposes and may not represent real companies, individuals, or data.
This document could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein. These changes may be incorporated in new editions of this document. NetIQ Corporation may make improvements in or changes to the software described in this document at any time.
U.S. Government Restricted Rights: If the software and documentation are being acquired by or on behalf of the U.S. Government or by a U.S. Government prime contractor or subcontractor (at any tier), in accordance with 48 C.F.R. 227.7202-4 (for Department of Defense (DOD) acquisitions) and 48 C.F.R. 2.101 and 12.212 (for non-DOD acquisitions), the government's rights in the software and documentation, including its rights to use, modify, reproduce, release, perform, display or disclose the software or documentation, will be subject in all respects to the commercial license rights and restrictions provided in the license agreement.
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.
For information about NetIQ trademarks, see http://www.netiq.com/company/legal/.