Novell

This is Your Open EnterpriseTM

IDM Roles Based Provisioning Module 361 Field Patch A

This document (5033820) is provided subject to the disclaimer at the end of this document.

patches this patch supersedes

This patch does not supersede any other patches.

patches that supersede this patch

ProductStatusNext Superceded ByLast Superceded By
Novell Identity Manager Roles Based Provisioning Module 3.6.1ObsoleteIDM Roles Based Provisioning Module 361 Field Patch BIDM Roles Based Provisioning Module 361 Field Patch B

patch attributes

Security patch: Yes
Priority: Mandatory
Distribution Type: Public
http://download.novell.com/Download?buildid=zEx-U5RF-sQ~

document

Revision: 3
Document ID: 5033820
Creation Date: 2008-08-29 13:04:38
Modified Date: 2008-12-17 11:02:56

abstract

Field Patch 361A for Identity Manager Roles Based Provisioning Module 3.6.1 (User Application 3.6.1)

details

Overview: Field Patch 361A for User Application 3.6.1

System Requirements: Windows, SLES, RHEL or Solaris

Installation: This is explained in the README.1st within the archive file

Outline of the Patch Installation Steps


1) Stop the Application Server

2) Make a back-up of the User Application war file and place it is a safe folder (outside of your install directory)

3) Extract the contents of the archive to your hard drive

4) Launch PatchUserApp (as the same user who installed the User Application. and make sure to use the correct installer)

4.a) On the second screen you will select the 'Choose' button, navigate, select patch file (For Example: UAPatch361A.zip), then press Open, and then press Next

4.b) On the third screen you will select the 'Choose' button, navigate to your install directory and select the install.properties file, then Press Open, and then press Next

4.c) Take the defaults on the reset of the screens


*If this installation of the User Application is the non-provisioning version, near the end of the Patch process, you will receive errors about not finding jar(s) Please press OK and let the patch install continue. This is expected behavior since you have the non-provisioning Install of the UA. We only create one version of the patch*

**If this installation of the User Application is on Windows, you will receive an informational warning at the end of the patch install that the "openwar" directory may not have been deleted and that you need to check. If the openwar directory (located in \idm\jboss\server\IDM\deploy directory for example) does exist, please delete as the informational warning outlines. **

5) Once the Patch installation has finished, complete the manual steps that are outlined in the README (They are located under "Special Instructions" for the bug that they apply to:

For Example:

**********************************************************
*******************Special Instructions******************
**********************************************************

6) Once the above has been completed and the Application Server has been restarted or the war has been re-deployed, you can confirm the patch level. To accomplish this, login to the User Application and press the Help link in the Header you will see the information similar to the following at the bottom of the page:


Identity Manager version 3.6.1 Patch A
Build Revision 28588


NOTE: The Patch level should match the version of the patch you just installed.


Uninstalling: This is explained in the README.1st within the archive file

Known Problems and Limitations:
======================================================================
Patch 361A
======================================================================

*Bug 401456 - User Activity Approver Type Group - Escalated task displays wrong timeout, some cases leave extra task queued

*Bug 402322 - Blank role assignment report with special character role name

*Bug 409238 - Field Patch (361): User App allows 5 tries instead of 3 to answer challenge questions

*Bug 401766 - Role Display Name is not used in Role Assignment UI

*Bug 409327 - Field Patch (361): Cannot see custom themes when using farm deployment in JBoss

*Bug 394584 - (361): Export portlet does not resolve DN type attributes

*Bug 411286 - Field Patch (361): Canceling a Request will return the user to the last accessed page when executed from the Resource Portlet

*Bug 413912 - Field Patch (361): PasswordChange.jsf Displays w/o Login

*Bug 412737 - Field Patch (361): Change reset link in SearchListPortlet to button

*Bug 401928 - 361: OrgChartPortlet, click on "Show info" generates error

*Bug 415028 - Field Patch (361): Potential XSS vulnerability in ForgotPassword.jsf

*Bug 413917 - Field Patch (361): After clicking OK on expired pwd warning msg, user goes to default page instead of requested page

*Bug 415021 - User does not land on their “default” page when using iChain or Access Manager

*Bug 410052 - Hitting "Too many open files" when a lot of role requests exist that require workflow

*Bug 405374 - Sort by Request Date and Deadline does not sort the Display Label as the secondary sort on View Request Status

======================================================================


Technical Support Information: If you experience any issues with this Patch, please open a Service Request with the IDM User Application Support Team.

security fixes

There is the ability to Post scripts into the attribute rtnaddr that is used with the ForgotPassword.jsf for the User Application
*Bug 415028 - Field Patch (361): Potential XSS vulnerability in ForgotPassword.jsf

file contents

Files IncludedSizeDate
UA361A-Windows.zip23.0 MB (24136499)2008-08-26 12:00:38
UA361A-Linux.tar.gz31.5 MB (33132447)2008-08-26 12:01:17
readme_5033820.htmlN/A2008-12-17 11:02:57

disclaimer

The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information. Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.

Novell is a registered trademark of Novell, Inc. in the United States and other countries. SUSE is a registered trademark of SUSE Linux AG, a Novell business. *All third-party trademarks are the property of their respective owners.

© 2007 Novell, Inc. All Rights Reserved.