IDM 3.0.1 Bi-Directional Top Secret Driver Patch 4 20071008

This document (5006640) is provided subject to the disclaimer at the end of this document.

patches this patch supersedes

File	Product	Status	Patch
idm301bidirtopsecretir3.tar.gz	Identity Manager 3.0.1	Obsolete	IDM 3.0.1 Bi-Directional Top Secret Driver Patch 3 20070620

patches that supersede this patch

This patch is not superseded by any other patches.

patch attributes

Security patch: No

Priority: Recommended

Distribution Type: Public

http://download.novell.com/Download?buildid=ihAA2TqBG7k~

document

Revision: 8

Document ID: 5006640

Creation Date: 2007-10-11 13:22:43

Modified Date: 2008-05-14 14:53:46

abstract

Novell Identity Manager Driver for Top Secret 2.0 Novell Identity Manager Integration Modules for Mainframes 3.1 A cumulative Field patch for TopSecret.xml, zOS.jar, IDMLOAD.XMT, SAMPLIB.XMT, TSSEXEC.XMT

details

Installation Instructions
-------------------------

1. Stop the driver and driver shim, if they are already running

2. Install the new zOS.jar:
a. Copy zOS.jar to your IDM class library location
i. /usr/lib/dirxml/classes for eDir 8.7
ii. /opt/novell/eDirectory/lib/dirxml/classes for eDir 8.8
b. Restart eDirectory to refresh the classpath for IDM
i. /etc/init.d/ndsd restart

3. Import the new TopSecret.xml
a. If you have already installed the driver, make sure to update
all policies to apply fixes corrected by this configuration file

4. Install the patched .XMT files to your zOS Top Secret system
a. FTP the .XMT files in binary mode
b. Restore the libraries. Here is an example using ftp:

----From Workstation------

C:\temp>dir *.xmt
Volume in drive C is Windows C Drive
Volume Serial Number is F0F9-3F51

Directory of C:\temp

10/08/2007 9:39 AM 6,285,520 IDMLOAD.XMT
10/08/2007 9:39 AM 83,040 SAMPLIB.XMT
10/08/2007 9:39 AM 176,880 TSSEXEC.XMT
3 File(s) 6,545,440 bytes

C:\temp>ftp mainframe
Connected to mainframe.
220-FTPD1 IBM FTP CS V1R6 at mainframe, 17:37:05 on 2006-12-11.
220 Connection will close if idle for more than 5 minutes.
User (mainframe:(none)): user1
331 Send password please.
Password:
230 USER1 is logged on. Working directory is "USER1.".
ftp> bin
200 Representation type is Image
ftp> quote site lrecl=80 recfm=fb
200-BLOCKSIZE must be a multiple of LRECL for RECFM FB
200-BLOCKSIZE being set to 6160
200 SITE command was accepted
ftp> put idmload.xmt 'idmload.new.xmt'
200 Port request OK.
125 Storing data set IDMLOAD.NEW.XMT
250 Transfer completed successfully.
ftp> put samplib.xmt 'samplib.new.xmt'
200 Port request OK.
125 Storing data set SAMPLIB.NEW.XMT
250 Transfer completed successfully.
ftp> put tssexec.xmt 'exec.new.xmt'
200 Port request OK.
125 Storing data set EXEC.NEW.XMT
250 Transfer completed successfully.
ftp> bye
221 Quit command received. Goodbye.

----From Mainframe TSO-----

READY
receive inda('idmload.new.xmt')
INMR901I Dataset SYSTEMS.ASCDEV.LOAD from USER1 on NODENAME
INMR154I The incoming data set is a 'PROGRAM LIBRARY'.
INMR906A Enter restore parameters or 'DELETE' or 'END' +
da('idm.load')
IEBCOPY MESSAGES AND CONTROL STATEMENT
S PAGE 1
IEB1135I IEBCOPY FMID HDZ11H0 SERVICE LEVEL UA13496 DATED 20040901 DFSMS 01.
06.00 z/OS 01.06.00 HBB7709 CPU 1247
IEB1035I USER1 SYSPROC SYSISPF 12:44:06 MON 11 DEC 2006 PARM=''
COPY INDD=((SYS00220,R)),OUTDD=SYS00218
IEB1013I COPYING FROM PDSU INDD=SYS00220 VOL=STG00B DSN=SYS06345.T124405.RA000
.USER1.R0158436
IEB1014I TO PDSE OUTDD=SYS00218 VOL=STG00C DSN=IDM.LOAD
IGW01551I MEMBER SRVFIOS HAS BEEN LOADED
.
.
.
IEB147I END OF JOB - 0 WAS HIGHEST SEVERITY CODE
INMR001I Restore successful to dataset 'IDM.LOAD'
READY

-------------

5. Start the driver and driver shim

Issues fixed in this patch:

Current Issues:
- Fixed mishandling of unicode characters that would result in the driver shim, TSDRV, abending.

- Fixed IDMQUERY to specify NOREADATTRS when a query containing all attributes not found in SAF was processed.

Previous Issues:
- Fixed problem with the publisher channel accessing changelog while subscriber is executing authorized TSO commands. This can cause the driver shim to hang.

- Fixed memory leak in the driver shim.

- Fixed IDMADDU script to handle the USING field properly.

- Fixed IDMADDU script to not specify TYPE(USER); instead accept the default.

- Fixed TopSecret.xml to default the Password Expiration Interval to 30 days.

- Fixed TopSecret.xml to properly transform the FOR field to an UNTIL field

- Two modules, SRVFIOS and SRVPLMVS, were missing from the IDM.LOAD library included in the Identity_Manager_3_1_Mainframes.iso. They are contained in the transmit file idmload.xmt.

- Fixed Password Interval synchronizing invalid data format which caused PASSINT to contain an invalid value.

- Fixed Input Transform to recognize and strip TSS comments.

- Fixed TSS published command to support comments.

- Fixed OC4 abend in SAFQUERY if SAF returns zero-length field.

- Fixed error publishing heartbeat responses

- Fixed error retrieving integer init parameters

- Fixed bug where driver would start up without having passwords properly set

- Fixed ABEND that can occur if driver filter does not contain any filter classes

- OpenSSL updated to 0.9.7l

- Fixed u1000 abend when running LOGINIT job

- Fixed IDMHRTBT to properly publish heartbeat status docs.

- Added procedure to escape single quotes (') inside data. This would cause invalid TSO commands to be generated

- Fixed add script error when adding EXPIRED with no password interval

- Fixed modify script error for attribute EXPIRED

- Fixed bug that didn't allow for setting mixed-case loader and driver passwords

- Added member IDMTRACE, a Rexx utility function for tracing messages with timestamps

- Added options to IDMGLBL for enabling script tracing and displaying TSO output.

- Fixed RENAME events on the publisher channel.

file contents

Compressed File Name: idm301bidirtopsecretir4.tar.gz

Files Included	Size	Date
readme_5006640.html	N/A	2008-05-14 14:53:47

disclaimer

The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information. Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.

Novell is a registered trademark of Novell, Inc. in the United States and other countries. SUSE is a registered trademark of SUSE Linux AG, a Novell business. *All third-party trademarks are the property of their respective owners.