New Features in Reflection 14.0

  • 7021760
  • 31-May-2006
  • 01-Apr-2018

Environment

Reflection for IBM version 14.0
Reflection for HP version 14.0
Reflection for UNIX and OpenVMS version 14.0
Reflection X version 14.0
Reflection NFS Client version 14.0

Situation

This technical note lists the product enhancements in version 14.0 of Reflection for IBM, Reflection for HP, Reflection for UNIX and OpenVMS, Reflection X, Reflection FTP Client, and Reflection NFS Client (released May 2006).

Resolution

For more details on any feature, see the individual product Help files.

Reflection version 14.1 is available beginning June 2010. For a list of new features in 14.1, see KB 7021727.

For a list of fixes and features included in the latest Reflection 14.0 Service Pack, see KB 7021762.

Reflection for IBM

The following features are new in version 14.0 of Reflection for IBM.

Making connections

  • Support for iSeries Kerberos single signon.

You can now configure Reflection for IBM 5250 terminal sessions to sign on to IBM hosts using your Windows credentials. This works in conjunction with IBM's Enterprise Identity Mapping (EIM), which must be configured on your host computers.

  • Express Logon Feature (ELF) support for 3270 sessions

The IBM Express Logon Feature (ELF) enables you to connect and logon to 3270 sessions without entering a user ID and password. When this feature is configured, the Telnet 3270 server uses certificate information from an SSL connection and the application ID supplied by Reflection to request a user ID and a PassTicket (a temporary password) from the IBM host access control program RACF.

Public Key Infrastructure (PKI) support in SSL/TLS sessions

  • Reflection certificate store.

Certificates in the new Reflection store can be used for host and user authentication during Reflection SSL/TLS sessions. Use the new Reflection Certificate Manager to manage these certificates. (Reflection continues to support authentication using certificates in the Windows certificate store.)

  • LDAP support for CRL checking and storing intermediate certificates.

You can configure Reflection to use an LDAP server both for external CRL (Certificate Revocation List) checking and to store intermediate certificates. See the LDAP tab in the Reflection Certificate Manager.

  • Smart card support.

Reflection now supports authentication using smart cards that conform to PKCS#11 specifications. See the PKCS #11 tab in the Reflection Certificate Manager.

Working with the terminal window

  • New shortcut menu options.

Two new menu options, Hyperlink and Email, are available when you right-click text in the terminal display window. The Hyperlink option opens a browser window and enters the selected text in the address box. The Email option opens a new email message and enters the selected text for the recipient's address.

  • Configure how Reflection handles selected text.

You can now configure Reflection to copy text to the clipboard automatically whenever you select text in the terminal display. You can also control whether or not selected text is cleared automatically when it copied to the clipboard. To make this changes, go to Edit > Copy/Paste settings. The new settings are Automatically copy selected text and Clear selection after copy.

  • Hide the Operator Information Area (OIA).

The new Show OIA setting specifies whether Reflection shows operation and status messages in the Operator Information Area (OIA) at the bottom of the terminal window. To configure this display option, go to Setup > Display > Options.

Programming

  • New programming commands.

The following methods and properties have been added to the Reflection for IBM Visual Basic for Applications API: ExpressLogonFeatureApplid, UseWindowsCredentials, TelnetEncryptionDisableCRLCheck, MouseHyperlink, MouseMailTo, QuickTextURL, ShowOIA, AutoCopyOnSelect, ClearSelectionOnCopy, CertificatePropertiesDlg, AllowInvalidThaiInput, CurrentLocale, CitrixIPAddress, CitrixPCName, CitrixUserName.

New Default Folders for Reflection

As a result of the company name change, starting with this version, certain Reflection folders are in new locations. See the "Name and Folder Location Changes" section of KB 7021761 for more information.

Reflection for HP, UNIX and OpenVMS

The following features are new in version 14.0 of these Reflection applications:

Reflection for HP
Reflection for UNIX and OpenVMS
Reflection for ReGIS Graphics

File Transfer

  • WRQ/Reflection file transfer to VMS hosts running on IA-64 systems

The host program VAXLINK2 has been ported to the Itanium Integrity Server using the Alpha Environment Software Translator (AEST) utility. The AEST utility translates the alpha executable image into an I64 compatible object. For more information, install the Administrator Help (not included with a Typical installation), and see "About the IA64 version of VAXLINK2."

Public Key Infrastructure (PKI) Certificates

  • Reflection certificate store.

Certificates in the new Reflection store can be used for host and user authentication during Reflection SSH and SSL/TLS sessions. Use the new Reflection Certificate Manager to manage these certificates. (Reflection continues to support authentication using certificates in the Windows certificate store.)

  • Key Agent authentication using imported certificates.

You can now import certificates into the Reflection Key Agent and have them available for user authentication for Secure Shell connections.

  • LDAP support for CRL checking and storing intermediate certificates.

You can configure Reflection to use an LDAP server both for external CRL (Certificate Revocation List) checking and to store intermediate certificates. See the LDAP tab in the Reflection Certificate Manager.

  • Smart card support.

Reflection now supports authentication using smart cards that conform to PKCS#11 specifications. See the PKCS #11 tab in the Reflection Certificate Manager.

Secure Shell connections

  • Drop-down list for selecting SSH config schemes.

If you have already created an SSH Config scheme, or configured settings for a particular host, you can easily use this configuration again. All configured hosts and schemes are now available for selection from a convenient drop-down list.

  • Automatically launch local applications.

Use the Local Port Forwarding dialog box to configure Reflection to launch an application automatically after the Secure Shell connection has been established. This feature makes it easier to send data securely through the SSH Tunnel from any application installed on the local computer.

  • Configure Multi-hop SSH connections.

Use multi-hop connections when you need to establish secure connections through a series of SSH servers. This is useful if your network configuration doesn't allow direct access to a remote server, but does allow access via intermediate servers.

  • Reuse established SSH connections.

You can reuse an established SSH connection when you open multiple sessions to the same host—additional sessions don’t require re-authentication. To change this setting use the General tab of the Secure Shell Settings dialog box.

  • Forward FTP communications.

Reflection can now forward all FTP communications—including the FTP command channel and data channel(s)—through an existing secure SSH tunnel.

  • Configure FIPS mode for specific sessions.

FIPS mode can now be configured on a per-session basis. Reflection also continues to support use of group policy to enforce FIPS mode for all sessions.

  • VT220 emulation for Secure Shell command line sessions.

New keywords are available for configuring VT220 emulation for command line ssh and ssh2 sessions. These can be configured in the Secure Shell configuration file, or by using the -o command line switch. To see a list of these new terminal settings, see "Secure Shell, configuration file keywords (terminal settings)" in the Reflection application Help index.

  • Full support for both OpenSSH and F-Secure style command line switches.

The ssh, scp, and sftp command line utilities now support the full range of command line switches provided by equivalent OpenSSH-style utilities. New ssh2, scp2, and sftp2 utilities have been added for customers who are migrating from F-Secure and need to maintain scripts written for the F-Secure command line utilities.

  • Scp transfers use the sftp subsystem.

The scp and scp2 command line utilities now use the sftp subsystem to transfer files securely. (Backwards compatibility for OpenSSH-style scp transfer, which uses rcp through the SSH tunnel, is available using the -1 switch.)

Migration from F-Secure

  • More complete migration of F-Secure certificates and settings.

The Reflection F-Secure migration wizard now migrates a more complete set of F-Secure settings for use with the Reflection client. Migrated information now includes certificates and PKI settings, default profiles, and the F-Secure ssh2_config file.

New Default Folders for Reflection

As a result of the company name change, starting with this version, certain Reflection folders are in new locations. See the "Name and Folder Location Changes" section of KB 7021761 for more information.

Reflection X

The following features are new in version 14.0 of Reflection X.

x64 Support

Reflection X for x64 version 14.0 is designed to work with systems running Microsoft Windows XP x64 Edition and Microsoft Windows Server 2003 x64 Edition. Although 32-bit Windows applications can run on these platforms, only a native 64-bit application such as Reflection X for x64 can take full advantage of their architecture, which processes more data per clock cycle, allows greater access to memory, and speeds numeric calculations.

Compliance with the X11R6.9 Release

Reflection X complies with the X11R6.9 release of the X Window system, released on December 21, 2005. Now, X Window system desktop projects, such as Gnome and KDE, can greatly extend their visual user interface vocabulary when running on Reflection X while still ensuring backward compatibility for existing applications.

Server Enhancements

  • New XI Driver Client server extension.

With the XI Driver Client, you can use a SpaceBall or SpaceMouse input device installed on your local PC to work with a 3D CAD/CAM application, such as CATIA, that's installed on a host.

  • Local X client connections maintained during PC hibernation mode.

For ease of use, local X client connections are now maintained (the server is not reset) if your PC enters hibernation mode and your X client sessions are suspended. As with previous versions of Reflection X, you specify whether to deny session suspension (Settings menu > Server > Confirm close when clients are connected check box).

Accessibility Features

  • Easier access to Replay command.

The Reflection X Replay command is now available from the Tools menu, as well as from the Trace dialog box. Use this command to play back a captured trace, either locally or on another computer running Reflection X.

  • Quickly advertise one visual depth.

The new Advertise single depth visuals option (Settings > Color) provides a quick way to advertise only those visuals with the same depth as the Default visual type.

Migration Support

  • KEA! X to Reflection X conversion utility.

To help Attachmate customers smoothly transition from KEA! X to Reflection X, a customized migration utility is now available from the Attachmate Download Library. See KB 7021801 for more information.

Enhanced Features for System Administrators

  • Help users locate Client Files more quickly.

So that Administrators can profile Reflection X to start with different areas of the Client Files tree (X Manager) expanded, three new settings have been added, thus making it easier for users to locate their client files. For more information, install the Administrator Help (not included with a Typical installation), and refer to the descriptions for ExpandFilesTreeClientStartup, ExpandFilesTreeLocal, and ExpandFilesTreeXDMCP.

  • View Settings dialog box optimized for viewing profiled settings.

Administrators can now easily review which Reflection X settings have been profiled using the new Profiled radio button and Profiled command button in the View Settings dialog box.

  • Troubleshoot remote profiles.

Reflection administrators can use the features on the X Profiler's General tab to troubleshoot Reflection X profiles (Rx.ini) on remote computers. The X Profiler is installed in the Administrative Tools folder if you have installed the Reflection Administrator's Toolkit. Start the Profiler and use its help file (Xprofile.chm) to learn more about this new feature.

Public Key Infrastructure (PKI) Certificates

  • Reflection certificate store.

Certificates in the new Reflection store can be used for host and user authentication during Reflection SSH and SSL/TLS sessions. Use the new Reflection Certificate Manager to manage these certificates. (Reflection continues to support authentication using certificates in the Windows certificate store.)

  • Key Agent authentication using imported certificates.

You can now import certificates into the Reflection Key Agent and have them available for user authentication for Secure Shell connections.

  • LDAP support for CRL checking and storing intermediate certificates.

You can configure Reflection to use an LDAP server both for external CRL (Certificate Revocation List) checking and to store intermediate certificates. See the LDAP tab in the Reflection Certificate Manager.

  • Smart card support.

Reflection now supports authentication using smart cards that conform to PKCS#11 specifications. See the PKCS #11 tab in the Reflection Certificate Manager.

Secure Shell connections

  • Drop-down list for selecting SSH config schemes.

If you have already created an SSH Config scheme, or configured settings for a particular host, you can easily use this configuration again. All configured hosts and schemes are now available for selection from a convenient drop-down list.

  • Automatically launch local applications.

Use the Local Port Forwarding dialog box to configure Reflection to launch an application automatically after the Secure Shell connection has been established. This feature makes it easier to send data securely through the SSH Tunnel from any application installed on the local computer.

  • Configure Multi-hop SSH connections.

Use multi-hop connections when you need to establish secure connections through a series of SSH servers. This is useful if your network configuration doesn't allow direct access to a remote server, but does allow access via intermediate servers.

  • Reuse established SSH connections.

You can reuse an established SSH connection when you open multiple sessions to the same host—additional sessions don’t require re-authentication. To change this setting use the General tab of the Secure Shell Settings dialog box.

  • Forward FTP communications.

Reflection can now forward all FTP communications—including the FTP command channel and data channel(s)—through an existing secure SSH tunnel.

  • Configure FIPS mode for specific sessions.

FIPS mode can now be configured on a per-session basis. Reflection also continues to support use of group policy to enforce FIPS mode for all sessions.

  • VT220 emulation for Secure Shell command line sessions.

New keywords are available for configuring VT220 emulation for command line ssh and ssh2 sessions. These can be configured in the Secure Shell configuration file, or by using the -o command line switch. To see a list of these new terminal settings, see "Secure Shell, configuration file keywords (terminal settings)" in the Reflection application Help index.

  • Full support for both OpenSSH and F-Secure style command line switches.

The ssh, scp, and sftp command line utilities now support the full range of command line switches provided by equivalent OpenSSH-style utilities. New ssh2, scp2, and sftp2 utilities have been added for customers who are migrating from F-Secure and need to maintain scripts written for the F-Secure command line utilities.

  • Scp transfers use the sftp subsystem.

The scp and scp2 command line utilities now use the sftp subsystem to transfer files securely. (Backwards compatibility for OpenSSH-style scp transfer, which uses rcp through the SSH tunnel, is available using the -1 switch.)

New Default Folders for Reflection

As a result of the company name change, starting with this version, certain Reflection folders are in new locations. See the "Name and Folder Location Changes" section of KB 7021761 for more information.

Reflection FTP Client

The following features are new in version 14.0 of the Reflection FTP Client.

Public Key Infrastructure (PKI) Certificates

  • Reflection certificate store.

Certificates in the new Reflection store can be used for host and user authentication during Reflection SSH and SSL/TLS sessions. Use the new Reflection Certificate Manager to manage these certificates. (Reflection continues to support authentication using certificates in the Windows certificate store.)

  • Key Agent authentication using imported certificates.

You can now import certificates into the Reflection Key Agent and have them available for user authentication for Secure Shell connections.

  • LDAP support for CRL checking and storing intermediate certificates.

You can configure Reflection to use an LDAP server both for external CRL (Certificate Revocation List) checking and to store intermediate certificates. See the LDAP tab in the Reflection Certificate Manager.

  • Smart card support.

Reflection now supports authentication using smart cards that conform to PKCS#11 specifications. See the PKCS #11 tab in the Reflection Certificate Manager.

SSL/TLS connections

  • Secure file transfer using the Reflection security proxy server FTP gateway.

The Reflection FTP Client can now be configured to transfer files securely (using the TLS protocol) through the Reflection security proxy server. This proxy server is available with Reflection Administrator (available seperately). To configure this from the FTP Client, open the Site Properties dialog box, click Security, then go to the SSL/TLS tab. Use this tab to enable a connection through the Reflection security proxy and to specify the Security proxy server and port to connect to. You can also configure this support using either Reflection Administrator or the Reflection for the Web Administrative Webstation.

Secure Shell connections

  • Drop-down list for selecting SSH config schemes.

If you have already created an SSH Config scheme, or configured settings for a particular host, you can easily use this configuration again. All configured hosts and schemes are now available for selection from a convenient drop-down list.

  • Automatically launch local applications.

Use the Local Port Forwarding dialog box to configure Reflection to launch an application automatically after the Secure Shell connection has been established. This feature makes it easier to send data securely through the SSH Tunnel from any application installed on the local computer.

  • Configure Multi-hop SSH connections.

Use multi-hop connections when you need to establish secure connections through a series of SSH servers. This is useful if your network configuration doesn't allow direct access to a remote server, but does allow access via intermediate servers.

  • Reuse established SSH connections.

You can reuse an established SSH connection when you open multiple sessions to the same host—additional sessions don’t require re-authentication. To change this setting use the General tab of the Secure Shell Settings dialog box.

  • Forward FTP communications.

Reflection can now forward all FTP communications—including the FTP command channel and data channel(s)—through an existing secure SSH tunnel.

  • Configure FIPS mode for specific sessions.

FIPS mode can now be configured on a per-session basis. Reflection also continues to support use of group policy to enforce FIPS mode for all sessions.

  • VT220 emulation for Secure Shell command line sessions.

New keywords are available for configuring VT220 emulation for command line ssh and ssh2 sessions. These can be configured in the Secure Shell configuration file, or by using the -o command line switch. To see a list of these new terminal settings, see "Secure Shell, configuration file keywords (terminal settings)" in the Reflection application Help index.

  • Full support for both OpenSSH and F-Secure style command line switches.

The ssh, scp, and sftp command line utilities now support the full range of command line switches provided by equivalent OpenSSH-style utilities. New ssh2, scp2, and sftp2 utilities have been added for customers who are migrating from F-Secure and need to maintain scripts written for the F-Secure command line utilities.

  • Scp transfers use the sftp subsystem.

The scp and scp2 command line utilities now use the sftp subsystem to transfer files securely. (Backwards compatibility for OpenSSH-style scp transfer, which uses rcp through the SSH tunnel, is available using the -1 switch.)

New Default Folders for Reflection

As a result of the company name change, starting with this version, certain Reflection folders are in new locations. See the "Name and Folder Location Changes" section of KB 7021761 for more information.

Reflection NFS Client

The following features are new in version 14.0 of the Reflection NFS Client.

  • New LDAP search capabilities identify PosixGroup objects and auxiliary group IDs for logged-in users.
  • NFS Client Print Provider can be enabled or disabled upon installation.
  • Logon dialog box now allows "anonymous" as a logon option.

Obtaining Your Product Upgrade

If you already obtained your product upgrade, disregard this section.

Maintained customers are eligible to download the latest product releases from the Download Library web site. To obtain the current release, go to: https://download.attachmate.com/upgrades/.

You will be prompted to login and accept the Software License Agreement before you can select and download a file. For more information on using the Download Library web site, see KB 7021965.

Additional Information

Legacy KB ID

This document was originally published as Attachmate Technical Note 1896.

Feedback service temporarily unavailable. For content questions or problems, please contact Support.