Host Access Management and Security Server 12.3 - Release Notes

  • 7021619
  • 21-Jun-2016
  • 02-Mar-2018

Environment

Host Access Management and Security Server version 12.3

Situation

Host Access Management and Security Server (MSS) version 12.3 released June 2016. This technical note describes new features, fixes, and known issues in these releases.

This technical note includes the following topics:

Important

Micro Focus became aware of a serious security vulnerability in this product that could lead to an information disclosure from the server(s) where it is installed. This vulnerability has been corrected in Host Access Management and Security Server version 12.3.326. See https://support.microfocus.com/security/ for more information.

Resolution

Features Introduced in Version 12.3

Host Access Management and Security Server 12.3 (identified as version 12.3.113), in addition to the 12.2 features described in KB 7021613, includes the following features:

  • Micro Focus Advanced Authentication Add-On
  • Ability to create and manage Rumba terminal emulation sessions
  • Support for Solaris SPARC64
  • Updated RSA module: RSA BSAFE Crypto-J JSAFE and JCE software module version 6.2.1

For the latest Security Updates, see https://support.microfocus.com/security/?prod=MSS.

Installing or Upgrading

Maintained customers are eligible to download the latest product releases from the Downloads website at https://download.attachmate.com/Upgrades/. For more information on using Downloads, see KB 7021965.

Updating Management and Security Server 12.3

On the Downloads website, the 12.3 files are listed below the 12.3 release:

  1. On the Downloads website, in the “Host Access Management and Security Server” downloads, scroll down to the Current Product Release section.
  2. Download the updated installer for your platform.
  3. Before you run the installer, be sure to update your Add-On products.

Updating Add-On Products

If you have any add-on products installed, special action is required before running the installer:

  1. Download version-compatible activation (.jaw) files for each add-on product. On the Downloads website, you may need to navigate multiple entitled “Management and Security Server” add-on products.

Example: If you are licensed for “Management and Security Server - Advanced Authentication Add-On,” download the version 12.3 activation file (activation.advanced_authentication-12.3.jaw).

  1. Place the activation file(s) in the same directory as the Windows .exe installer (or unzipped Linux/Solaris installer files).

Example: MSS 12.3 installer for Windows 64-bit (.exe) and the Advanced Authentication activation file (.jaw) in the same folder:

2864_1.gif
  1. Run the MSS installer.

Note: If the MSS installer detects incompatible versions of activation files, you will be prompted to cancel the installation and install the activation files before resuming.

Additional Installation Information

  • Upgrading to Management and Security Server 12.3 from Management and Security Server 12.2 or Reflection Security Gateway 2014 R2 (12.1) is a direct process.

Upgrades from earlier versions of Reflection for the Web require an initial upgrade to Management and Security Server 12.2. See KB 7022345.

  • When upgrading from version 12.2 to 12.3, you may see a prompt stating, "The file already exists. Would you like to overwrite it?"

The workaround: Click Yes to All.

  • When the unix-nojre installer is used to install the product, the following error can occur on 64-bit RedHat Enterprise Linux when executing the "server" shell script.  A similar issue might also occur on other Linux or UNIX systems:
./server: /opt/microfocus/mss/server/bin/./wrapper-linux-x86-32: /lib/ld-linux.so.2: bad ELF interpreter: No such file or directory

The workaround: Delete the 32-bit wrapper binary named wrapper-*-32. For example, on Linux or AIX systems, delete the files named wrapper-linux-x86-32 or wrapper-aix-ppc-32 (respectively).

Note: This issue does not occur when using an installer that includes an embedded JRE.

Known Issues

  • After version 12.3, 32-bit platforms will no longer be supported.
  • After a successful stand-alone installation of Management and Security Server 12.3, the servletengine.log file (formerly named catalina.log) is not created.

Workaround: Restart the MSS server.

  • The IIS Single Sign-On authentication scheme fails to authenticate valid users. This behavior may be seen when configuring Reflection for the Web. Use this workaround.
    1. Navigate to the \Micro Focus\MSS\server\ directory.
    2. Open conf\container properties.

a. Make note of the ports defined in the property named "servletengine.ajpPorts," such as servletengine.ajpPorts=8001,8002 (These values are needed in step 3.)

b. Then, change the value for this property to zero (0):

servletengine.ajpPorts=0

Or, if you prefer, you could leave the value undefined:

servletengine.ajpPorts=

c. Save the file.

    1. Open web\server.xml. Locate this element: <Service name="Catalina">. Under that line, add the following Connector definitions.

a. Replace the <portValue> entries with the original port values noted in step 2.

<!-- Define a non-secure Coyote/JK2 AJP 1.3 Connector. Do not alter this comment. -->
<Connector debug="0" enableLookups="false" port="<portValue>" protocol="AJP/1.3" tomcatAuthentication="false"/>
<!-- Define a secure Coyote/JK2 AJP 1.3 Connector. Do not alter this comment. -->
<Connector debug="0" enableLookups="false" port="<portValue>" protocol="AJP/1.3" tomcatAuthentication="false"/>

Example:

<!-- Define a non-secure Coyote/JK2 AJP 1.3 Connector. Do not alter this comment. -->
<Connector debug="0" enableLookups="false" port="8001" protocol="AJP/1.3" tomcatAuthentication="false"/>
<!-- Define a secure Coyote/JK2 AJP 1.3 Connector. Do not alter this comment. -->
<Connector debug="0" enableLookups="false" port="8002" protocol="AJP/1.3" tomcatAuthentication="false"/>

b. Save the file.

  1. Restart the MSS server.

Resources

For technical resources including product documentation and technical notes, see https://support.microfocus.com/product/?prod=MSS.

For product information--including the Management and Security Server (MSS) Add-Ons--see https://www.attachmate.com/products/mss/.

Additional Information

Legacy KB ID

This document was originally published as Attachmate Technical Note 2864.