Are there any known issues upgrading or installing Security Manager 5.5? (NETIQKB52998)

  • 7752998
  • 02-Feb-2007
  • 17-Apr-2008

Resolution

goal
Are there any known issues upgrading or installing Security Manager 5.5?

goal
What are the known issues when upgrading to Security Manager 5.5?

goal
How can I fix a failed installation or upgrade?

fact
Security Manager 5.5

fix

In some instances, installing or upgrading to Security Manager version 5.5 may require you to perform actions supplemental to those described in the Release Notes and the Installation Guide for Security Manager.  Review the following knowledge base articles and issue descriptions for instances that may apply to your Security Manager environment:

  • NETIQKB54249 - "After applying Microsoft patches released on 8/8/2006 Security Manager will not start properly"

    Event ID 31533 (The NqSmLM is not running.  Restarting.) occurs every 5 minutes in the application log.  Analysis Console not opening with an error that no central computer is running nqsmlm.

  • NETIQKB52609 - "Error in importing PRG: Error information has 2 rows and 6 columns."

    When importing modules, the process fails with a bulk insert error.  Clean out any orphaned rules by following the steps in NETIQKB52609, and then rerun setup.

  • NETIQKB52821 - "Error:'Subqueryreturned more than 1 value. This is not permitted when thesubquery follows =, !=, <, <= , >, >= or when the subquery is used as an expression."

    When upgrading to Security Manager version 5.5 you may receive the following error message: Subquery returned more than 1 value. This is not permitted when the subquery follows =, !=, <, <= , >, >= or when the subquery is used as an expression.   When you change the global temporary storage settings for both the central computers and agents, this error may occur.  Remove the global setting for the agents and rerun setup, following the steps in the NETIQKB52821.

  • NETIQKB47358 - "Security Manager does not collect events from ISS RealSecure SiteProtector 2.0 after applying Service Pack 5."

    After upgrading to Security Manager 5.5, the provider for ISS RealSecure Site Protector 2.0 with Service Pack 5 or Service Pack 6l no longer collects events from the database.  This issue occurs only in environments where you installed the ISS RealSecure Site Protector buddy drop NetIQ Technical Support provides.

    Please contact NetIQ Technical Support for a workaround to this issue.

  • NETIQKB52970 - "Security Manager 5.5 upgrade fails when LMConsole is owner of any databases."

    When upgrading to Security 5.5, if the LMConsole user is the owner of any databases, the upgrade fails. Setup cannot drop the LMConsole  user from the SQL server.  If this is the case, change the owner of any databases owned by the LMConsole user to another owner, such as sa.  Then, rerun setup. For more information, see NETIQKB52970. For more information, contact NetIQ Technical Support and mention knowledge base article NETIQKB52970.

  • If a manual agent does not have a central computer assigned to it, after the upgrade to 5.5, it will no longer send any events but will continue to send valid h.
    eartbeats.  You will see event 21323 repeated in the application log of the agent.  This can happen when the agent is authorized using the deployment wizard in 5.1.  If the agent was included in a manualmc.txt file before the upgrade, then the agent will not have this problem.
     
    Workaround: Reassign these agents to a central computer using the Agent Summary View in the Agent Administrator.  They will then get their configuration and start sending events after downloading the rules.

    Note:  After doing the above workaround, please see the next bullet point for another issue that can happen with unmanaged agents.  You will need to also do the workaround stated to avoid data loss.

    NetIQ software development is examining this issue.  If a solution is found, it will be available in a future Security Manager release.

     
  • If the central computer does not have permission to scan the registry of unmanaged agent computers, Monitor Console displays  a group count of zero after a managed computer scan.  The unmanaged agents are unable to return any data until the next attribute collection cycle on the agent. This cycle occurs 24 hours after you start the NetIQ Security Manager service on the unmanaged agent computers.

    Workaround: By default, managed computer scans occur every day at 2:05 AM. Disable managed computer scans and avoid doing a manual computer scan. 
    1. Log on to the Monitor Console computer as a member of the OnPointOp ConfgAdmins group.
    2. Start the Open the Monitor Console from the NetIQ Security Manager program group.
    3. In the left pane, expand Security Manager Monitor Console > Configuration > Global Settings
    4. In the right pane, click Central Computers. 
    5. On the Action menu, click Properties.
    6. On the Managed Computer Scan tab, specify 0 in the Days list.
    7. Click OK.

NetIQ software development is examining this issue.  If a solution is found, it will be available in a future Security Manager release.

  • When installing modules, the module installation process fails with an out-of-space error.  This occurs when you do not allocate to the OnePoint database a sufficient amount of free space during setup.  NetIQ Corporation recommends you allocate an amount of free space equal to 40% of final size of the OnePoint database before doing the upgrade.  Allocate to the log files an amount of free space equal to 20% of the final size of the OnePoint database.

  • Agent upgrades fail. One potential cause of this failure is the failure to upgrade Internet Explorer on the agent computer to version 6.0 or later prior to upgrading the agent.  To verify the reason for failure, in the Monitor Console expand Monitor > Security Views > Security Manager Self-monitoring > Central Computers > Agent Installation Failures (last 24 hours).

  • If you specify 1270 as a non-default port during setup of an unmanaged agent, the agent is unable to communicate with the central computer.  This is due to setup specifying an incorrect registry entry. To correct this, modify the following registry entry after installation and change it to the correct port number in decimal format:

    HKLM > SOFTWARE > NetIQ > Security Manager > Configurations > config_group_name > Operations > Agent > Consolidators - Consolidator 1 Secure Port

    If the registry.
    contains an entry for more than one consolidator, update the secure port for each consolidator.

  • When configuring a 5.5 agent to monitor Checkpoint or Cisco IDS, run the appropriate configuration utility. For manually installed agents, run the appropriate utility from the NetIQ Security Manager > Configuration Utilities program group on the manual agent computer.  For more information about managed agents, see the Security Manager Installation Guide, the Monitoring Guide for Check Point and the Monitoring Guide for Cisco IDS.
.


Additional Information

Formerly known as NETIQKB52998

Feedback service temporarily unavailable. For content questions or problems, please contact Support.