Environment
NetIQ Security Solutions for iSeries 8.0
Situation
Are there any known issues related to IBM OS/V6R1?
What steps do I need to take before upgrading to IBM OS/V6R1?
Resolution
Before upgrading your operating system, review the following pre- and post-upgrade NetIQ Security Solutions for iSeries 8.0 product requirements.
- Permanently apply all currently applied NetIQ Security Solutions for iSeries PTFs by typing the following command on the iSeries command line and pressing Enter. APYPTF LICPGM(1PSA001) RLS(*ALL) SELECT(*ALL) APY(*PERM) DELAYED(*NO)
Note: It is not necessary to perform an IPL. You can run the command interactively. - Repeat Step 1 for licensed programs 1PSC001, 1PSD001, 1PSI001, 1PSP001 and 1PSS001
- On the command line, type
WRKREGINFand press Enter. - Page down to exit point QIBM_QTMT_WSG - WSG Server Sign-On Validation.
- If exit point QIBM_QTMT_WSG does not exist on your server, skip to Step 8.
- Type
8(Work with exit programs) to the left of exit point QIBM_QTMT_WSG and press Enter. - If exit program NW0001E is associated with the exit point QIBM_QTMT_WSG, type
4to the left of the exit point and press Enter. For more information about removing exit program QIBM_QTMT_WSG, see the NetIQ Knowledge Base article NETIQKB46825: "Exit Program cannot be removed from Exit Point QIBM_QTMT_WSG." at www.netiq.com/kb/esupport/consumer/solutionarea.asp?id=NETIQKB46825. - Note the exit program registered with exit point QIBM_QTG_DEVINIT. Some OS/400 upgrades remove the exit program. Once you have finished the operating system upgrade, you must reinstall the exit program noted.
- If you are using PSSecure Profile and Password Management to monitor user profiles, remove the Q* entry from the exclusions list and hold the PSPROFILE scheduled job. An OS upgrade can remove and replace one of the IBM "Q" profiles. To remove the entry:
- On the command line, type WRKJOBSCDE and press Enter.
- If the PSPROFILE job is scheduled, put it on hold.
- From the NetIQ Product Access Menu, type 2 (PSSecure) and press Enter.
- Type 2 (Profile and Password Management) and press Enter.
- Type 1 (General Options Menu) and press Enter.
- Type 17 (User Profile Exclusions) and press Enter.
- Remove the entry for Q*.
Post-Upgrade Requirements
After completing the operating system upgrade, you must complete the following steps:
Apply IBM PTF MF44237 before accessing the NetIQ Security Solutions for iSeries product.
Warning
If you do not apply IBM PTF MF44237 before accessing the NetIQ Security Solutions for iSeries product, your system may hang and you will be required to perform an IPL to regain control of your system.
Any job that attempts to access PSPasswordManager, run the STROBJCVN command on library PSSECURE, or attempts a new installation of the NetIQ Security Solutions for iSeries product with system value QFRCCVNRST set to 1 or greater before applying PTF MF44237 will hang. Subsystems processing these jobs cannot be ended. The only way to end the hung job is through a forced power down of the system.
For more information about IBM PTF MF44237, see IBM APAR MA36364.
If you removed the Q* entry from the exclusion list and set the PSPROFILE job to Hold, re-add the Q* entry to the exclusion list and release the PSPROFILE scheduled job.
- For information about compatibility with i5/OS V6R1, see the NetIQ Security Solutions for iSeries 8.0 Compatibility With i5/OS V6R1 Technical Reference at https://qa.netiq.com/support/iseries/
- Download and install PTFs for NetIQ Security Solutions for iSeries version 8.0 from the following location: https://www.netiq.com/support/iseries/extended/hotfixes.asp if you have not previously done so. Registration is required to access the site.
To receive notifications for new releases and PTFs, see NetIQ Knowledge Base article NETIQKB43092: "How do I sign up for notifications of new releases, patches and/or PTFs for the iSeries Product?" at www.netiq.com/kb/esupport/consumer/solutionarea.asp?id=NETIQKB43092
Additional Information
NetIQ Corporation strives to ensure our products provide quality solutions for your security
needs. We have tested all NetIQ Security Solutions for iSeries products on systems running
i5/OS V6R1 and have identified the following issues:
NetIQ Corporation has resolved the following known i5/OS V6R1 Compatibility Issues:
PSAudit - System Auditing and Reporting (SAR)
PTF 1A03008 resolves an issue where the SQL/QRY Audit Report does not contain detail data.
To resolve an issue where the SQL/QRY Monitor ends as soon as it is started, issue the
following commands from the iSeries command line:
RNMOBJ PSAUDIT/SAR0514F *FILE SAR0514F80
CRTDUPOBJ OBJ(QAQQDBMN) FROMLIB(QSYS) OBJTYPE(*FILE) TOLIB(PSAUDIT) NEWOBJ(SAR0514F)
CHGOBJOWN PSAUDIT/SAR0514F *FILE NEWOWN(PSOBJOWN)
GRTOBJAUT PSAUDIT/SAR0514F *FILE REFOBJ(PSAUDIT/SAR0514F80)
PSSecure - Remote Request Management
PTF 1C03084 resolves an issue where Remote Request Management (RRM) collects incorrect IP addresses causing remote transactions secured by network addresses to fail. PTF has been superseded by 1C03087 to resolve issue with excessive joblog entries.
Secure Configuration Manager Integration
PTF 1C03085 resolves an issue where Secure Configuration Manager agent registration does not complete normally, which prevents you from running tasks,
security checks, and policy templates against an iSeries server.
Known compatibility issues with i5/OS V6R1:
Operations Navigator Plug-in for RRM
If you need further assistance with any issue, please contact NetIQ Technical Support at support@netiq.com.